CVE-2017-7976

Published: 19/04/2017 Updated: 04/11/2017
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.1 | Impact Score: 5.2 | Exploitability Score: 1.8
VMScore: 516
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P

Vulnerability Summary

Artifex jbig2dec 0.13 allows out-of-bounds writes and reads because of an integer overflow in the jbig2_image_compose function in jbig2_image.c during operations on a crafted .jb2 file, leading to a denial of service (application crash) or disclosure of sensitive information from process memory.

Vulnerable Product

artifex jbig2dec 0.13

Vendor Advisories

Several security issues were fixed in jbig2dec ...
Multiple security issues have been found in the JBIG2 decoder library, which may lead to denial of service, disclosure of sensitive information from process memory or the execution of arbitrary code if a malformed image file (usually embedded in a PDF document) is opened. For the stable distribution (jessie), these problems have been fixed in versi ...
Debian Bug report logs - #860460: jbig2dec: CVE-2017-7885: heap-buffer-overflow by integer overflow to bypass the check in the function jbig2_decode_symbol_dict. Package: src:jbig2dec; Maintainer for src:jbig2dec is Debian Printing Team <debian-printing@lists.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> ...
Debian Bug report logs - #860788: jbig2dec: CVE-2017-7975: Out-of-bound memory write vulnerability due to integer overflow in function jbig2_build_huffman_table. Package: src:jbig2dec; Maintainer for src:jbig2dec is Debian Printing Team <debian-printing@lists.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> ...
Debian Bug report logs - #860787: jbig2dec: CVE-2017-7976: Integer overflow in function jbig2_image_compose. Package: src:jbig2dec; Maintainer for src:jbig2dec is Debian Printing Team <debian-printing@lists.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Thu, 20 Apr 2017 06:15:01 UTC; Severity: ...