CVE-2025-57248
BaseFortify
Publication date: 2025-09-15
Last updated on: 2025-09-20
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sumatrapdfreader | sumatrapdf | 3.5.2 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a null pointer dereference in SumatraPDF version 3.5.2 that occurs when processing a specially crafted .djvu file. Specifically, the issue happens inside the libmupdf.dll library in the DataPool::has_data() function. During parsing of a malformed DjVu file, an incomplete or invalid DataPool object is created, but the program attempts to call the has_data() method on a null pointer, causing an access violation and crashing the application. [1]
How can this vulnerability impact me? :
This vulnerability can cause SumatraPDF 3.5.2 to crash unexpectedly when opening a maliciously crafted DjVu file. This denial of service could interrupt user activities and potentially be exploited to disrupt systems relying on SumatraPDF for document viewing. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for crashes of SumatraPDF version 3.5.2 when opening .djvu files, specifically crashes inside libmupdf.dll related to DataPool::has_data(). You can check application crash logs for access violation errors (C0000005) referencing libmupdf.dll. There are no specific network detection commands provided. On the system, you can use debugging or event log tools to identify SumatraPDF crashes triggered by malformed .djvu files. For example, on Windows, use Event Viewer to look for application error logs related to SumatraPDF or use tools like Procmon to monitor file access and crashes when opening .djvu files. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include avoiding opening untrusted or suspicious .djvu files with SumatraPDF version 3.5.2. Consider disabling or restricting the use of SumatraPDF for .djvu files until a patched version is released. Monitor for updates from SumatraPDF and apply patches as soon as they become available. Additionally, implement application whitelisting or sandboxing to limit the impact of potential crashes caused by malicious files. [1]