CVE-2012-2845

Integer overflow in the jpeg_data_load_data function in jpeg-data.c in libjpeg in exif 0.6.20 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain potentially sensitive information via a crafted JPEG file.
Configurations

Configuration 1 (hide)

cpe:2.3:a:curtis_galloway:exif:0.6.20:*:*:*:*:*:*:*

History

07 Nov 2023, 02:11

Type Values Removed Values Added
References (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2012:107 - () http://www.mandriva.com/security/advisories?name=MDVSA-2012:107 -
References (BID) http://www.securityfocus.com/bid/54437 - () http://www.securityfocus.com/bid/54437 -
References (MLIST) http://sourceforge.net/mailarchive/message.php?msg_id=29534027 - Vendor Advisory () http://sourceforge.net/mailarchive/message.php?msg_id=29534027 -
References (SECUNIA) http://secunia.com/advisories/49988 - () http://secunia.com/advisories/49988 -

Information

Published : 2012-07-13 10:34

Updated : 2024-02-28 12:00


NVD link : CVE-2012-2845

Mitre link : CVE-2012-2845

CVE.ORG link : CVE-2012-2845


JSON object : View

Products Affected

curtis_galloway

  • exif
CWE
CWE-189

Numeric Errors