Back to search
CVE-2013-6629
Published: Nov 15, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20131112 bugs in IJG jpeg6b & libjpeg-turbo
mailing-list
x_refsource_FULLDISC
63676
vdb-entry
x_refsource_BID
https://www.ibm.com/support/docview.wss?uid=swg21675973
x_refsource_CONFIRM
RHSA-2014:0414
vendor-advisory
x_refsource_REDHAT
GLSA-201406-32
vendor-advisory
x_refsource_GENTOO
RHSA-2013:1804
vendor-advisory
x_refsource_REDHAT
openSUSE-SU-2013:1958
vendor-advisory
x_refsource_SUSE
HPSBUX03091
vendor-advisory
x_refsource_HP
http://www-01.ibm.com/support/docview.wss?uid=swg21672080
x_refsource_CONFIRM
RHSA-2014:0413
vendor-advisory
x_refsource_REDHAT
59058
third-party-advisory
x_refsource_SECUNIA
SSRT101667
vendor-advisory
x_refsource_HP
RHSA-2013:1803
vendor-advisory
x_refsource_REDHAT
openSUSE-SU-2013:1957
vendor-advisory
x_refsource_SUSE
HPSBUX03092
vendor-advisory
x_refsource_HP
http://support.apple.com/kb/HT6163
x_refsource_CONFIRM
56175
third-party-advisory
x_refsource_SECUNIA
FEDORA-2013-23127
vendor-advisory
x_refsource_FEDORA
openSUSE-SU-2014:0065
vendor-advisory
x_refsource_SUSE
FEDORA-2013-23519
vendor-advisory
x_refsource_FEDORA
58974
third-party-advisory
x_refsource_SECUNIA
1029470
vdb-entry
x_refsource_SECTRACK
https://bugzilla.mozilla.org/show_bug.cgi?id=891693
x_refsource_CONFIRM
openSUSE-SU-2013:1917
vendor-advisory
x_refsource_SUSE
http://www.mozilla.org/security/announce/2013/mfsa2013-116.html
x_refsource_CONFIRM
http://support.apple.com/kb/HT6150
x_refsource_CONFIRM
openSUSE-SU-2013:1959
vendor-advisory
x_refsource_SUSE
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
x_refsource_CONFIRM
openSUSE-SU-2013:1916
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2014:0008
vendor-advisory
x_refsource_SUSE
http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html
x_refsource_CONFIRM
1029476
vdb-entry
x_refsource_SECTRACK
openSUSE-SU-2013:1776
vendor-advisory
x_refsource_SUSE
SSRT101668
vendor-advisory
x_refsource_HP
https://src.chromium.org/viewvc/chrome?revision=229729&view=revision
x_refsource_CONFIRM
GLSA-201606-03
vendor-advisory
x_refsource_GENTOO
http://www-01.ibm.com/support/docview.wss?uid=swg21676746
x_refsource_CONFIRM
openSUSE-SU-2013:1918
vendor-advisory
x_refsource_SUSE
FEDORA-2013-23291
vendor-advisory
x_refsource_FEDORA
http://support.apple.com/kb/HT6162
x_refsource_CONFIRM
https://code.google.com/p/chromium/issues/detail?id=258723
x_refsource_CONFIRM
USN-2052-1
vendor-advisory
x_refsource_UBUNTU
DSA-2799
vendor-advisory
x_refsource_DEBIAN
openSUSE-SU-2013:1861
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2013:1777
vendor-advisory
x_refsource_SUSE
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
x_refsource_CONFIRM
http://advisories.mageia.org/MGASA-2013-0333.html
x_refsource_CONFIRM
http://bugs.ghostscript.com/show_bug.cgi?id=686980
x_refsource_CONFIRM
MDVSA-2013:273
vendor-advisory
x_refsource_MANDRIVA
USN-2060-1
vendor-advisory
x_refsource_UBUNTU
USN-2053-1
vendor-advisory
x_refsource_UBUNTU
FEDORA-2013-23295
vendor-advisory
x_refsource_FEDORA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now