Published: 13/07/2012 Updated: 07/11/2023

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

VMScore: 570

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P

Integer overflow in the jpeg_data_load_data function in jpeg-data.c in libjpeg in exif 0.6.20 allows remote malicious users to cause a denial of service (buffer over-read and application crash) or obtain potentially sensitive information via a crafted JPEG file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
curtis galloway exif 0.6.20

Debian Bug report logs - #681454 libexif: Overflow security vulnerabilities (CVE-2012-2812, CVE-2012-2813, CVE-2012-2814, CVE-2012-2836, CVE-2012-2837, CVE-2012-2840, CVE-2012-2841, CVE-2012-2845) Package: libexif; Maintainer for libexif is Debian PhotoTools Maintainers <pkg-phototools-devel@listsaliothdebianorg>; Reported ...

Debian Bug report logs - #681465 CVE-2012-2845 Package: exif; Maintainer for exif is Debian PhotoTools Maintainers <pkg-phototools-devel@listsaliothdebianorg>; Source for exif is src:exif (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <muehlenhoff@univentionde> Date: Fri, 13 Jul 2012 12:54:14 UTC Severity ...

CWE-189 http://www.securityfocus.com/bid/54437 http://sourceforge.net/mailarchive/message.php?msg_id=29534027 http://www.mandriva.com/security/advisories?name=MDVSA-2012:107 http://secunia.com/advisories/49988 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681454

CVE-2012-2845

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect