CVE-2017-12441

Name of the Vulnerable Software and Affected Versions minidjvu version 0.8

Description The issue is related to the row is empty function in the base/4bitmap.c file, which can cause a denial of service due to an invalid memory read and application crash when processing a crafted djvu file.

Recommendations For minidjvu version 0.8, consider avoiding the use of crafted djvu files until a patch is available. As a temporary workaround, restrict the processing of untrusted djvu files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.