Filtered by vendor D.r.commander
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2017-9614 | 1 D.r.commander | 1 Libjpeg-turbo | 2023-02-02 | 6.8 MEDIUM | 8.8 HIGH |
** DISPUTED ** The fill_input_buffer function in jdatasrc.c in libjpeg-turbo 1.5.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted jpg file. NOTE: Maintainer asserts the issue is due to a bug in downstream code caused by misuse of the libjpeg API. | |||||
CVE-2012-2806 | 1 D.r.commander | 1 Libjpeg-turbo | 2017-08-28 | 6.8 MEDIUM | N/A |
Heap-based buffer overflow in the get_sos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large component count in the header of a JPEG image. |