CVE-2012-2806 - Heap-based buffer overflow in the get_sos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remot

CVE-2012-2806

Summary

Heap-based buffer overflow in the get_sos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large component count in the header of a JPEG image.

References

Vulnerable Configurations

cpe:2.3:a:d.r.commander:libjpeg-turbo:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:d.r.commander:libjpeg-turbo:1.2.0:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 20-12-2023 - 18:28)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bid	54480
confirm	http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830
gentoo	GLSA-201209-13
mandriva	MDVSA-2012:121
misc	https://bugzilla.mozilla.org/show_bug.cgi?id=759802 https://bugzilla.redhat.com/show_bug.cgi?id=826849
mlist	[oss-security] 20120717 libjpeg-turbo: Heap-based buffer overflow when decompressing corrupt JPEG images
osvdb	84040
secunia	49883 50753
xf	libjpegturbo-getsos-bo(76952)

Last major update

20-12-2023 - 18:28

Published

13-08-2012 - 20:55

Last modified

20-12-2023 - 18:28