Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2845

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2012-2845
Last Modified 06 Nov 2012 12:12:41
Published 13 Jul 2012 06:34:59
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-2845

Summary

Integer overflow in the jpeg_data_load_data function in jpeg-data.c in libjpeg in exif 0.6.20 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain potentially sensitive information via a crafted JPEG file.

Vulnerable Systems

Application

  • Curtis Galloway Exif 0.6.20


References

MLIST - [libexif-devel] 20120712 libexif project security advisory July 12, 2012

MANDRIVA - MDVSA-2012:107

SECUNIA - 49988


Last Updated: 27 May 2016 10:54:58