Back to search
CVE-2012-2806
Published: Aug 13, 2012
Modified: Jan 21, 2025
PUBLISHED
Description
Heap-based buffer overflow in the get_sos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large component count in the header of a JPEG image.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
54480
vdb-entry
x_refsource_BID
MDVSA-2012:121
vendor-advisory
x_refsource_MANDRIVA
https://bugzilla.mozilla.org/show_bug.cgi?id=759802
x_refsource_MISC
49883
third-party-advisory
x_refsource_SECUNIA
50753
third-party-advisory
x_refsource_SECUNIA
84040
vdb-entry
x_refsource_OSVDB
libjpegturbo-getsos-bo(76952)
vdb-entry
x_refsource_XF
GLSA-201209-13
vendor-advisory
x_refsource_GENTOO
[oss-security] 20120717 libjpeg-turbo: Heap-based buffer overflow when decompressing corrupt JPEG images
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=826849
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now