CVE-2017-7975

Name of the Vulnerable Software and Affected Versions Artifex jbig2dec version 0.13

Description The issue is caused by an integer overflow in the jbig2 build huffman table function in jbig2 huffman.c when processing a crafted JBIG2 file. This can lead to out-of-bounds writes, resulting in a denial of service (application crash) or potentially allowing the execution of arbitrary code.

Recommendations For Artifex jbig2dec version 0.13, consider avoiding the use of crafted JBIG2 files until a patch is available. As a temporary workaround, restrict the processing of JBIG2 files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.