Описание
io/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact by crafting a jpg image file. The root cause is a missing check of header payloads that may be (incorrectly) larger than the maximum file size.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | not-affected | code not present |
| cosmic | not-affected | code not present |
| devel | not-affected | code not present |
| disco | not-affected | code not present |
| esm-apps/bionic | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needs-triage |
Показывать по
6.8 Medium
CVSS2
7.8 High
CVSS3
Связанные уязвимости
io/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact by crafting a jpg image file. The root cause is a missing check of header payloads that may be (incorrectly) larger than the maximum file size.
io/ZlibCompression.cc in the decompression component in Dropbox Lepton ...
io/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact by crafting a jpg image file. The root cause is a missing check of header payloads that may be (incorrectly) larger than the maximum file size.
6.8 Medium
CVSS2
7.8 High
CVSS3