read_ujpg in jpgcoder.cc in Dropbox Lepton 1.2.1 allows attackers to cause a denial-of-service (application runtime crash because of an integer overflow) via a crafted file.
References
Link | Resource |
---|---|
https://github.com/dropbox/lepton/issues/111 | Exploit Patch Third Party Advisory |
https://github.com/dropbox/lepton/commit/6a5ceefac1162783fffd9506a3de39c85c725761 | Patch Third Party Advisory |
Configurations
Information
Published : 2019-04-23 07:29
Updated : 2019-04-24 13:16
NVD link : CVE-2018-20820
Mitre link : CVE-2018-20820
JSON object : View
CWE
CWE-190
Integer Overflow or Wraparound
Products Affected
dropbox
- lepton