Heap-based buffer overflow in the get_sos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large component count in the header of a JPEG image.
References
Configurations
History
21 Nov 2024, 01:39
Type | Values Removed | Values Added |
---|---|---|
References | () http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830 - Product | |
References | () http://osvdb.org/84040 - Broken Link | |
References | () http://secunia.com/advisories/49883 - Not Applicable | |
References | () http://secunia.com/advisories/50753 - Not Applicable | |
References | () http://security.gentoo.org/glsa/glsa-201209-13.xml - Third Party Advisory | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2012:121 - Not Applicable | |
References | () http://www.openwall.com/lists/oss-security/2012/07/17/3 - Mailing List | |
References | () http://www.securityfocus.com/bid/54480 - Third Party Advisory, VDB Entry | |
References | () https://bugzilla.mozilla.org/show_bug.cgi?id=759802 - Issue Tracking | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=826849 - Issue Tracking | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/76952 - VDB Entry |
20 Dec 2023, 18:28
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/84040 - Broken Link | |
References | () https://bugzilla.mozilla.org/show_bug.cgi?id=759802 - Issue Tracking | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=826849 - Issue Tracking | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/76952 - VDB Entry | |
References | () http://www.securityfocus.com/bid/54480 - Third Party Advisory, VDB Entry | |
References | () http://security.gentoo.org/glsa/glsa-201209-13.xml - Third Party Advisory | |
References | () http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830 - Product | |
References | () http://www.openwall.com/lists/oss-security/2012/07/17/3 - Mailing List | |
References | () http://secunia.com/advisories/49883 - Not Applicable | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2012:121 - Not Applicable | |
References | () http://secunia.com/advisories/50753 - Not Applicable | |
CWE | CWE-787 |
07 Nov 2023, 02:10
Type | Values Removed | Values Added |
---|---|---|
References | () http://security.gentoo.org/glsa/glsa-201209-13.xml - | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2012:121 - | |
References | () http://osvdb.org/84040 - | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=826849 - | |
References | () http://secunia.com/advisories/49883 - | |
References | () https://bugzilla.mozilla.org/show_bug.cgi?id=759802 - | |
References | () http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830 - | |
References | () http://secunia.com/advisories/50753 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/76952 - | |
References | () http://www.openwall.com/lists/oss-security/2012/07/17/3 - | |
References | () http://www.securityfocus.com/bid/54480 - |
Information
Published : 2012-08-13 20:55
Updated : 2024-11-21 01:39
NVD link : CVE-2012-2806
Mitre link : CVE-2012-2806
CVE.ORG link : CVE-2012-2806
JSON object : View
Products Affected
d.r.commander
- libjpeg-turbo
CWE
CWE-787
Out-of-bounds Write