CVE-2017-7885

Related Files

Gentoo Linux Security Advisory 201708-10

Posted Aug 26, 2017

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201708-10 - Multiple integer overflow flaws have been discovered in jbig2dec, possibly resulting in execution of arbitrary code or Denial of Service. Versions less than 0.13-r4 are affected.

tags | advisory, denial of service, overflow, arbitrary

systems | linux, gentoo

advisories | CVE-2017-7885, CVE-2017-7975, CVE-2017-7976

SHA-256 | e800564a9d543207a426b461e655f3bbd79afb05e0188afad6b3e1e318f2fa3d

Download | Favorite | View

Ubuntu Security Notice USN-3297-1

Posted May 26, 2017

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3297-1 - Bingchang Liu discovered that jbig2dec incorrectly handled memory when decoding malformed image files. If a user or automated system were tricked into processing a specially crafted JBIG2 image file, a remote attacker could cause jbig2dec to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. It was discovered that jbig2dec incorrectly handled memory when decoding malformed image files. If a user or automated system were tricked into processing a specially crafted JBIG2 image file, a remote attacker could cause jbig2dec to crash, resulting in a denial of service, or possibly disclose sensitive information. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary

systems | linux, ubuntu

advisories | CVE-2016-9601, CVE-2017-7885, CVE-2017-7975, CVE-2017-7976

SHA-256 | 8995d60474715ca698f623cfd847001e10d5652f23121b9db2700dc1ab3047cc

Download | Favorite | View