Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-6630

Опубликовано: 12 нояб. 2013
Источник: redhat
CVSS2: 4.3

Описание

The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5libjpegNot affected
Red Hat Enterprise Linux 7libjpeg-turboNot affected
RHEV HypervisorlibjpegAffected
Red Hat Enterprise Linux 6libjpeg-turboFixedRHSA-2013:180309.12.2013

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-456
https://bugzilla.redhat.com/show_bug.cgi?id=1031749libjpeg: information leak (read of uninitialized memory)

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-6630

ubuntu
больше 11 лет назад

The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.

nvd логотип

CVE-2013-6630

nvd
больше 11 лет назад

The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.

debian логотип

CVE-2013-6630

debian
больше 11 лет назад

The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as ...

github логотип

GHSA-pwx8-2f52-93wg

github
около 3 лет назад

The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.

oracle-oval логотип

ELSA-2013-1803

oracle-oval
больше 11 лет назад

ELSA-2013-1803: libjpeg-turbo security update (MODERATE)

4.3 Medium

CVSS2