CVE-2012-2806

Related Files

Mandriva Linux Security Advisory 2013-274

Posted Nov 21, 2013

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-274 - A Heap-based buffer overflow was found in the way libjpeg-turbo decompressed certain corrupt JPEG images in which the component count was erroneously set to a large value. An attacker could create a specially-crafted JPEG image that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application. libjpeg 6b and libjpeg-turbo will use uninitialized memory when decoding images with missing SOS data for the luminance component in presence of valid chroma data. libjpeg-turbo will use uninitialized memory when handling Huffman tables.

tags | advisory, overflow, arbitrary

systems | linux, mandriva

advisories | CVE-2012-2806, CVE-2013-6629, CVE-2013-6630

SHA-256 | a699eb9668adc83d9e220126707f88b19e9c60554afb68016efe762bd8825c95

Download | Favorite | View

Mandriva Linux Security Advisory 2013-044

Posted Apr 5, 2013

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-044 - A Heap-based buffer overflow was found in the way libjpeg-turbo decompressed certain corrupt JPEG images in which the component count was erroneously set to a large value. An attacker could create a specially-crafted JPEG image that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct this issue.

tags | advisory, overflow, arbitrary

systems | linux, mandriva

advisories | CVE-2012-2806

SHA-256 | 73bad9261abfe9c231244ae6d4030c33576b1d84858b39517e63f472f6ad4f5c

Download | Favorite | View

Gentoo Linux Security Advisory 201209-13

Posted Sep 26, 2012

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201209-13 - A vulnerability in libjpeg-turbo could result in execution of arbitrary code or Denial of Service. Versions prior to 1.2.1 are affected.

tags | advisory, denial of service, arbitrary

systems | linux, gentoo

advisories | CVE-2012-2806

SHA-256 | 5f19eaf06e1f6afd28e3e158dca5c9edceb74a0cb07765561fc2fced366b526f

Download | Favorite | View

Mandriva Linux Security Advisory 2012-121

Posted Aug 2, 2012

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-121 - A Heap-based buffer overflow was found in the way libjpeg-turbo decompressed certain corrupt JPEG images in which the component count was erroneously set to a large value. An attacker could create a specially-crafted JPEG image that, when opened, could cause an application using libpng to crash or, possibly, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct this issue.

tags | advisory, overflow, arbitrary

systems | linux, mandriva

advisories | CVE-2012-2806

SHA-256 | f2ad581b2eb2a623f29ef94aceecd64aa6519150410652e8ff0180d2a6b74f2e

Download | Favorite | View