get_8bit_row in rdbmp.c in libjpeg-turbo up to and including 1.5.90 and MozJPEG up to and including 3.3.1 allows malicious users to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit BMP in which one or more of the color indices is out of range for the number of palette entries.
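
The range check this description calls for, as an added example that is not libjpeg-turbo's or MozJPEG's code: a row expander that rejects any 8-bit index with no palette entry instead of reading past the palette. `palette_t`, `expand_row_checked`, the demo functions and the sample palette are hypothetical names and constructed data.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical palette: only `count` RGB entries exist in memory. */
typedef struct {
    const uint8_t (*rgb)[3];
    size_t count;
} palette_t;

/* Expand one row of 8-bit palette indices to RGB.
 * Returns 0 on success, -1 if any index has no palette entry.
 * Without the range check, rgb[idx[i]] would read past the palette. */
int expand_row_checked(const palette_t *pal, const uint8_t *idx,
                       size_t width, uint8_t *out)
{
    if (!pal || !pal->rgb || !idx || !out || pal->count == 0)
        return -1;
    for (size_t i = 0; i < width; i++) {
        if (idx[i] >= pal->count)
            return -1;              /* reject before touching the palette */
        memcpy(out + 3 * i, pal->rgb[idx[i]], 3);
    }
    return 0;
}

/* Constructed sample data: a 2-entry palette (black, white). */
static const uint8_t SAMPLE_RGB[2][3] = { {0, 0, 0}, {255, 255, 255} };

/* Row whose indices are all in range; 0 means accepted and decoded. */
int demo_valid_row(void)
{
    const palette_t pal = { SAMPLE_RGB, 2 };
    const uint8_t row[3] = { 0, 1, 0 };
    uint8_t out[9];
    if (expand_row_checked(&pal, row, 3, out) != 0) return -1;
    return (out[0] == 0 && out[3] == 255) ? 0 : -2;
}

/* Row containing index 2, which has no entry in a 2-colour palette. */
int demo_out_of_range_row(void)
{
    const palette_t pal = { SAMPLE_RGB, 2 };
    const uint8_t row[3] = { 0, 2, 1 };
    uint8_t out[9];
    return expand_row_checked(&pal, row, 3, out);
}

int main(void) { return (demo_valid_row() == 0 && demo_out_of_range_row() == -1) ? 0 : 1; }
```

On rejection the output buffer may hold the pixels decoded before the bad index, so a caller should discard it.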
| Vulnerable Product |
|---|
| mozilla mozjpeg |
| libjpeg-turbo libjpeg-turbo |
| fedoraproject fedora 28 |
| debian debian linux 8.0 |
| opensuse leap 15.0 |