CVE-2017-7448

Name of the Vulnerable Software and Affected Versions Dropbox Lepton version 1.2.1

Description The issue allows remote attackers to cause a denial of service, resulting in a divide-by-zero error and application crash, via a malformed JPEG image. This is due to a problem in the allocate channel framebuffer function in uncompressed components.hh.

Recommendations For Dropbox Lepton version 1.2.1, as a temporary workaround, consider restricting the processing of JPEG images until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.