CVE-2017-7885 - CVE Vulnerability

Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow in the jbig2_decode_symbol_dict function in jbig2_symbol_dict.c in libjbig2dec.a during operation on a crafted .jb2 file. (CVSS:0.0) (Last Update:2017-04-16)

Vulnerability Details : Artifex jbig2dec 0.13 has a heap-based buffer over-read leading to denial of service (application crash) or disclosure of sensitive information from process memory, because of an integer overflow in the jbig2_decode_symbol_dict function in jbig2_symbol_dict.c in libjbig2dec.a during operation on a crafted .jb2 file. Publish Date : 2017-04-16 Last Update Date : 2017-04-16 - CVSS Scores & Vulnerability Types CVSS Score 0.0 Confidentiality Impact ??? Integrity Impact ??? Availability Impact ??? Access Complexity ??? Authentication ??? Gained Access None Vulnerability Type(s) Denial Of ServiceOverflow CWE ID CWE id is not defined for this vulnerability - Products Affected By CVE-2017-7885 # Product Type Vendor Product Version Update Edition Language No vulnerable product found. If the vulnerability is created recently it may take a few days to gather vulnerable products list and other information like cvss scores. Please check again in a few days. - References For CVE-2017-7885 https://bugs.ghostscript.com/show_bug.cgi?id=697703

- Metasploit Modules Related To CVE-2017-7885 There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)