The row_is_empty function in base/4bitmap.c:274 in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2017/Aug/15 | Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/100419 |
Configurations
Information
Published : 2017-08-17 09:29
Updated : 2017-08-22 18:29
NVD link : CVE-2017-12441
Mitre link : CVE-2017-12441
JSON object : View
CWE
CWE-125
Out-of-bounds Read
Products Affected
minidjvu_project
- minidjvu