An integer overflow vulnerability in 'pdf-image.c' in Artifex's MuPDF version 1.27.0 allows an attacker to maliciously craft a PDF that can trigger an integer overflow within the 'pdf_load_image_imp' function. This allows a heap out-of-bounds write that could be exploited for arbitrary code execution.
1.25.1+ds1-5build21.25.1+ds1-61.25.1+ds1-71.25.1+ds1-71.25.1+ds1-7build11.25.1+ds1-7build21.27.0+ds1-2ubuntu11.27.0+ds1-3ubuntu11.27.0+ds1-3ubuntu21.7-11.7a-11.7a-1ubuntu0.1~esm11.11+ds1-1.11.11+ds1-21.12.0+ds1-11.12.0+ds1-1ubuntu0.1~esm11.12.0+ds1-1ubuntu0.1~esm21.15.0+ds1-11.16.1+ds1-1ubuntu11.16.1+ds1-1ubuntu1+esm11.16.1+ds1-1ubuntu1+esm21.17.0+ds1-21.19.0+ds1-11.19.0+ds1-1build11.19.0+ds1-21.19.0+ds1-2ubuntu0.1~esm11.22.2+ds1-21.22.2+ds1-2build11.23.10+ds1-11.23.10+ds1-1build11.23.10+ds1-1build21.23.10+ds1-1build31.23.10+ds1-1ubuntu0.1~esm11.23.6+ds1-11.23.7+ds1-1Exploitability
AV:LAC:LPR:NUI:RScope
S:UImpact
C:HI:HA:HCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H