CVE-2013-6630 libjpeg6b

Metadata

medium
5.0
libjpeg6b
CVE-2013-6630
2017-06-16 19:07
ALAS-2013-267
Moderate CentOS libjpeg-turbo Update
CVE-2013-6630 libjpeg8
CVE-2013-6630 icedove
CVE-2013-6630 chromium-browser
CVE-2013-6630 libjpeg-turbo
CVE-2013-6630 iceweasel
CVE-2013-6630
2017-04-01 19:11
2017-01-05 20:15

Description

The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
sid libjpeg6b 6b1-4
wheezy libjpeg6b 6b1-3+deb7u1