QwikSec

Security Database

CVE

CWE

Training

CVE-2019-15144

Published: Aug 18, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate<TYPE>::sort) allows attackers to cause a denial-of-service (application crash due to an Uncontrolled Recursion) by crafting a PBM image file that is mishandled in libdjvu/GContainer.h.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://sourceforge.net/p/djvu/bugs/299/

x_refsource_MISC

https://sourceforge.net/p/djvu/djvulibre-git/ci/e15d51510048927f172f1bf1f27ede65907d940d/

x_refsource_MISC

[debian-lts-announce] 20190829 [SECURITY] [DLA 1902-1] djvulibre security update

mailing-list

x_refsource_MLIST

openSUSE-SU-2019:2217

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2019:2219

vendor-advisory

x_refsource_SUSE

FEDORA-2019-67ff247aea

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-b217f90c2a

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-7ca378f076

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_UBUNTU

FEDORA-2019-f923712bab

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-6bc8be9d84

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_GENTOO

[debian-lts-announce] 20210526 [SECURITY] [DLA 2667-1] djvulibre security update

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_DEBIAN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.