Stack-based buffer overflow in the jbg_dec_in function in libjbig/jbig.c in JBIG-KIT before 2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted image file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| cambridge_enterprise | jbig-kit | 1.5 |
| cambridge_enterprise | jbig-kit | 1.1 |
| cambridge_enterprise | jbig-kit | 0.7 |
| cambridge_enterprise | jbig-kit | 1.3 |
| cambridge_enterprise | jbig-kit | * |
| cambridge_enterprise | jbig-kit | 1.2 |
| cambridge_enterprise | jbig-kit | 1.4 |
| cambridge_enterprise | jbig-kit | 1.6 |
| cambridge_enterprise | jbig-kit | 0.5 |
| cambridge_enterprise | jbig-kit | 0.9 |
| cambridge_enterprise | jbig-kit | 0.6 |
| cambridge_enterprise | jbig-kit | 0.8 |
| cambridge_enterprise | jbig-kit | 1.0 |