3 matches found
EUVD-2019-6212
Malware in sbrugna...
Updated djvulibre packages fix security vulnerabilities
The updated packages fix security vulnerabilities: In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read by crafting a DJVU file...
CVE-2019-15145
DjVuLibre 3.5.27 is vulnerable to a denial-of-service via an out-of-bounds read when processing a crafted JB2 image. The root cause is a missing zero-byte check in libdjvu/GBitmap.h, affecting JB2Dict::JB2Codec::get_direct_context in libdjvu/JB2Image.h. Exploitation requires a crafted JB2 image a...