Published: 13/02/2017 Updated: 06/08/2019

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

The cjpeg utility in libjpeg allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
libjpeg-turbo libjpeg-turbo 7.4
redhat enterprise linux 7.4
debian debian linux 8.0
canonical ubuntu linux 14.04
canonical ubuntu linux 16.04
canonical ubuntu linux 18.04
canonical ubuntu linux 18.10
canonical ubuntu linux 12.04

Synopsis Moderate: libjpeg-turbo security update Type/Severity Security Advisory: Moderate Topic An update for libjpeg-turbo is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) ba ...

Debian Bug report logs - #902176 libjpeg9: CVE-2018-11212 CVE-2018-11213 CVE-2018-11214 Package: src:libjpeg9; Maintainer for src:libjpeg9 is Bill Allombert <ballombe@debianorg>; Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Sat, 23 Jun 2018 07:15:02 UTC Severity: normal Tags: security Found in version lib ...

Debian Bug report logs - #819969 libjpeg9: CVE-2016-3616: null pointer dereference in cjpeg Package: src:libjpeg9; Maintainer for src:libjpeg9 is Bill Allombert <ballombe@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Mon, 4 Apr 2016 12:39:01 UTC Severity: important Tags: security, upstream ...

libjpeg-turbo could be made to crash or run programs as your login if it opened a specially crafted file ...

The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file(CVE-2016-3616) libjpeg 9c has a large loop because read_pixel in rdtargac mishandles EOF(CVE-2018-11813) An out-of-bounds read vulnerability has been discovered in libjpeg ...

The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file(CVE-2016-3616) A divide by zero vulnerability has been discovered in libjpeg-turbo in alloc_sarray function of jmemmgrc file An attacker could use this vulnerability to ca ...

The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file ...

WiiU-Vulns libpng: wwwcvedetailscom/cve/CVE-2014-9495/ (100!) libjpeg-turbo wwwcvedetailscom/cve/CVE-2016-3616/ (68)

CWE-476 https://bugzilla.redhat.com/show_bug.cgi?id=1319661 https://bugzilla.redhat.com/show_bug.cgi?id=1318509 https://usn.ubuntu.com/3706-1/https://usn.ubuntu.com/3706-2/https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html https://access.redhat.com/errata/RHSA-2019:2052 https://access.redhat.com/errata/RHSA-2019:2052 https://nvd.nist.gov https://usn.ubuntu.com/3706-2/

CVE-2016-3616

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect