Artifex » Jbig2dec : Security Vulnerabilities, CVEs, Published In 2017 (Overflow) CVSS score >= 6

CVE-2017-7976

Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (application crash) or disclosure of sensitive information from process memory.
Max CVSS
7.1
EPSS Score
0.12%
Published
2017-04-19
Updated
2017-11-04

CVE-2017-7975

Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2_build_huffman_table function in jbig2_huffman.c during operations on a crafted JBIG2 file, leading to a denial of service (application crash) or possibly execution of arbitrary code.
Max CVSS
7.8
EPSS Score
0.17%
Published
2017-04-19
Updated
2017-11-04

CVE-2017-7885

Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow in the jbig2_decode_symbol_dict function in jbig2_symbol_dict.c in libjbig2dec.a during operation on a crafted .jb2 file.
Max CVSS
7.1
EPSS Score
0.12%
Published
2017-04-17
Updated
2017-11-04
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close