Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-3005

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2006-3005
Last Modified 05 Sep 2008 05:06:00
Published 13 Jun 2006 06:02:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-3005

Summary

The JPEG library in media-libs/jpeg before 6b-r7 on Gentoo Linux is built without the -maxmem feature, which could allow context-dependent attackers to cause a denial of service (memory exhaustion) via a crafted JPEG file that exceeds the intended memory limits.

Vulnerable Systems

Operating System

  • Gentoo Linux

Application

  • Gentoo Media-libs Jpeg 6b


References

GENTOO - GLSA-200606-11

SECUNIA - 20563

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=130889

XF - jpeg-medialibs-dos(31451)

OSVDB - 26317


Last Updated: 27 May 2016 10:42:51