Lumension® Endpoint Intelligence Center

Overview

Vulnerability Score: 6.8
CVE Id: CVE-2013-6369
Last Modified: 14 Apr 2014 09:08:18
Published: 11 Apr 2014 10:55:05
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE

CVE-2013-6369

Summary

Stack-based buffer overflow in the jbg_dec_in function in libjbig/jbig.c in JBIG-KIT before 2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted image file.

Vulnerable Systems

Application

  • Cambridge Enterprise Jbig-kit 0.5

  • Cambridge Enterprise Jbig-kit 0.6

  • Cambridge Enterprise Jbig-kit 0.7

  • Cambridge Enterprise Jbig-kit 0.8

  • Cambridge Enterprise Jbig-kit 0.9

  • Cambridge Enterprise Jbig-kit 1.0

  • Cambridge Enterprise Jbig-kit 1.1

  • Cambridge Enterprise Jbig-kit 1.2

  • Cambridge Enterprise Jbig-kit 1.3

  • Cambridge Enterprise Jbig-kit 1.4

  • Cambridge Enterprise Jbig-kit 1.5

  • Cambridge Enterprise Jbig-kit 1.6

  • Cambridge Enterprise Jbig-kit 2.0


References

CONFIRM - https://www.cl.cam.ac.uk/~mgk25/jbigkit/CHANGES

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1032273

SECUNIA - 57731


Last Updated: 27 May 2016 11:04:53