Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
PSI
PSI API
CSI
OSI
xSI
Vulnerabilities
Programs
Open Discussions
My Threads
Create Thread
Statistics
About

Forum Thread: SumatraPDF "closedctd()" Memory Corruption Vulnerability

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
Vulnerabilities

See the original Secunia advisory:
SumatraPDF "closedctd()" Memory Corruption Vulnerability

Secunia SumatraPDF "closedctd()" Memory Corruption Vulnerability
Secunia Official 17th Jun, 2011 05:15
Ranking: 0
Posts: 0
User Since: -
System Score: -
Location: Copenhagen, DK
A vulnerability has been discovered in SumatraPDF, which potentially can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to the use of vulnerable MuPDF code.

For more information:
SA43020

Narration RE: SumatraPDF "closedctd()" Memory Corruption Vulnerability
Member 17th Jun, 2011 05:15
Score: 13
Posts: 9
User Since: 28th Apr 2011
System Score: N/A
Location: AQ
Last edited on 17th Jun, 2011 05:15
Sumatra is up to version 1.5, weeks ago. Are you certain this problem still exists?

It's very important to have a simpler alternative to Adobe as primary reader.

Thank you.
Was this reply relevant?
+7
-6
Anthony Wells RE: SumatraPDF "closedctd()" Memory Corruption Vulnerability
Expert Contributor 17th Jun, 2011 14:33
Score: 2414
Posts: 3,310
User Since: 19th Dec 2007
System Score: N/A
Location: N/A

Hi ,

You may not be aware that this sub-forum is reserved for technical discussion of a particular Secunia Advisory . Your question really falls outside those limits , however a similar question has been answered by Secunia support in this thread :-

http://secunia.com/community/forum/thread/show/973...

The concensus would be that you should take the matter up with the vendor of Sumatra (in your case) .

Take care

Anthony




--


It always seems impossible until its done.
Nelson Mandela
Was this reply relevant?
+0
-1
Narration RE: SumatraPDF "closedctd()" Memory Corruption Vulnerability
Member 20th Jun, 2011 03:41
Score: 13
Posts: 9
User Since: 28th Apr 2011
System Score: N/A
Location: AQ
Last edited on 20th Jun, 2011 03:41
Anthony, thanks for the reply.

I'm a little perplexed, however, as my question is exactly concerning the central technical matter of the advisory.

The advisory begins at Sumatra 1.3. We're up to Sumatra 1.5, which has taken a number of months. Is the problem this advisory proposes not cleared? Is Sumatra not safe now?

I read your link, but it doesn't seem to relate to this central technical question.

Thanks, and just as interested in the answer,
Clive
Was this reply relevant?
+7
-6
Narration RE: SumatraPDF "closedctd()" Memory Corruption Vulnerability
Member 20th Jun, 2011 04:07
Score: 13
Posts: 9
User Since: 28th Apr 2011
System Score: N/A
Location: AQ
Last edited on 20th Jun, 2011 04:11
Ok, I've taken this a little farther, because I noticed just as I was about to close the page that there's a vague, undated, unversioned note that this is/was 'fixed in the latest prerelease version'.

Since I know Sumatra issues pre-releases nearly daily, having helped them on another bug, I went looking for when they might have fixed this, or been able to receive a new MuPDF library which contained the fix.

MuPDF's bug tracker has only the following reference to the fatal closedctd: http://bugs.ghostscript.com/show_bug.cgi?id=691568

Note this was from last August, though it does sound suspiciously like it may be the actual fix, just carefully not noted as a security issue.

Thus we may presume Sumatra picked up a revised library long ago, and that this bug is fixed.

Or not? Equally possible I would say.

If Secunia knows as it states above on this page that a fix was done, may we have a date? And can you please assure whether the current Sumatra 1.6, released a week or two ago, has the fix?

If it does, it would also be nice if Secunia would properly do two things:

1. Give proper Secure Browsing score, not implicating Sumatra
2. Actually show Sumatra as a Security hazard itself, if it is.

Maybe this is the root of the whole problem here. Secunia is saying Sumatra 1.6 is fine, as a program. However, Secunia is saying Sumatra is very much not fine as an application used by browsers, and marking all my browsers as bad because they will open PDFs with Sumatra.

It looks likely that the real error is in Secunia's incongruent rules on this, doesn't it?

Thank you,
Clive


p.s. I made an error mentioning Sumatra 1.5 in the above posting: current version, on which Secunia is reporting for me, is 1.6
Was this reply relevant?
+9
-8
Narration RE: SumatraPDF "closedctd()" Memory Corruption Vulnerability
Member 21st Jun, 2011 02:45
Score: 13
Posts: 9
User Since: 28th Apr 2011
System Score: N/A
Location: AQ
Last edited on 21st Jun, 2011 04:13
Do you realize:

1. Secunia reports SumatraPDF 1.6 as 'patched' and with no vulnerabilites

2. Secunia however also reports all browsers are unsafe, because they would open PDFs with Secunia?

Thus Secunia is at fault. Not me, and not Sumatra.

I must say that you are exceptionally rude in your behaviour, in refusing to respond to detailed technical investigation, which discloses Secunia's problem on this technical issue which is entirely on subject for the vulnerability.

And hiding behind a demotion system.

You are speaking to an adult here. I spent my time to work out the real problem you are having, in false reporting by your application. Please respond in kind.

Thank you,
Clive
Was this reply relevant?
+8
-5
Narration RE: SumatraPDF "closedctd()" Memory Corruption Vulnerability
Member 21st Jun, 2011 21:52
Score: 13
Posts: 9
User Since: 28th Apr 2011
System Score: N/A
Location: AQ
Ok, I re-scanned this morning, and the Secunia fault has been corrected.

- SumatraPDF 1.6 continues to show secure

- Secure Browsing no longer reports SumatraPDF as a security issue.

Thank you.

Now, do you feel like correcting the -20 points someone has put on my credibility score?

Thank you for that as well.

Looking to continued mutual respect going forward.

Grüss,
Clive
Was this reply relevant?
+2
-2


 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability