CVE-2017-12444 (NVD)

2017-08-17

The mdjvu_bitmap_get_bounding_box function in base/4bitmap.c in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file.

Products Minidjvu
Type Out-of-bounds Read (CWE-125)
First patch - None (likely due to unavailable code)
Links http://seclists.org/fulldisclosure/2017/Aug/15
http://www.securityfocus.com/bid/100416