Note:
This project will be discontinued after December 13, 2021. [more]
2017-08-17
The mdjvu_bitmap_get_bounding_box function in base/4bitmap.c in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file.
Products | Minidjvu |
Type | Out-of-bounds Read (CWE-125) |
First patch | - None (likely due to unavailable code) |
Links |
• http://seclists.org/fulldisclosure/2017/Aug/15
• http://www.securityfocus.com/bid/100416 |