An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-369,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| netapp | oncommand_unified_manager | * |
| oracle | jdk | 11.0.1 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 16.04 |
| netapp | oncommand_workflow_automation | * |
| opensuse | leap | 15.0 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_server | 7.0 |
| oracle | jdk | 1.8.0 |
| redhat | enterprise_linux_server | 6.0 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux_workstation | 7.0 |
| oracle | jdk | 1.7.0 |
| canonical | ubuntu_linux | 18.04 |
| netapp | snapmanager | * |
| redhat | satellite | 5.8 |
| ijg | libjpeg | 9a |
| redhat | enterprise_linux_desktop | 7.0 |
| oracle | jre | 8.0 |
| canonical | ubuntu_linux | 14.04 |
| redhat | enterprise_linux_desktop | 6.0 |
An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 8.0 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 12.04 |
| ijg | libjpeg | 9a |
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 14.04 |
An issue was discovered in libjpeg 9a. The get_text_rgb_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 8.0 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 17.10 |
| canonical | ubuntu_linux | 12.04 |
| ijg | libjpeg | 9a |
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 14.04 |
libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-834,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ijg | libjpeg | 9c |
In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H | 1.8 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-400,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ijg | libjpeg | * |
| debian | debian_linux | 9.0 |
In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.1 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H | 1.8 | 5.2 |
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-125,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ijg | libjpeg | * |