CVE-2017-12445

Name of the Vulnerable Software and Affected Versions minidjvu version 0.8

Description The issue is related to the JB2BitmapCoder::code row by refinement function in minidjvu, which can cause a denial of service due to an invalid memory read and application crash when processing a crafted djvu file.

Recommendations For minidjvu version 0.8, consider avoiding the use of crafted djvu files until a patch is available. As a temporary workaround, restrict the input to trusted sources to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.