Security Advisory

CVE-2019-15145

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-08-18 18:30:05

Last updated 2024-08-05 00:42:03

Assigner mitre

State PUBLISHED

Description

DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack (application crash via an out-of-bounds read) by crafting a corrupted JB2 image file that is mishandled in JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h because of a missing zero-bytes check in libdjvu/GBitmap.h.

← Browse all CVEs View on cve.org ↗