QwikSec

Security Database

CVE

CWE

Training

CVE-2013-6630

Published: Nov 15, 2013

Modified: Aug 6, 2024

PUBLISHED

Description

The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20131112 bugs in IJG jpeg6b & libjpeg-turbo

mailing-list

x_refsource_FULLDISC

openSUSE-SU-2013:1958

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_REDHAT

openSUSE-SU-2013:1957

vendor-advisory

x_refsource_SUSE

third-party-advisory

x_refsource_SECUNIA

FEDORA-2013-23127

vendor-advisory

x_refsource_FEDORA

openSUSE-SU-2014:0065

vendor-advisory

x_refsource_SUSE

FEDORA-2013-23519

vendor-advisory

x_refsource_FEDORA

vdb-entry

x_refsource_SECTRACK

https://bugzilla.mozilla.org/show_bug.cgi?id=891693

x_refsource_CONFIRM

openSUSE-SU-2013:1917

vendor-advisory

x_refsource_SUSE

http://www.mozilla.org/security/announce/2013/mfsa2013-116.html

x_refsource_CONFIRM

openSUSE-SU-2013:1959

vendor-advisory

x_refsource_SUSE

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

x_refsource_CONFIRM

openSUSE-SU-2013:1916

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2014:0008

vendor-advisory

x_refsource_SUSE

http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html

x_refsource_CONFIRM

vdb-entry

x_refsource_SECTRACK

openSUSE-SU-2013:1776

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_GENTOO

openSUSE-SU-2013:1918

vendor-advisory

x_refsource_SUSE

FEDORA-2013-23291

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_DEBIAN

openSUSE-SU-2013:1861

vendor-advisory

x_refsource_SUSE

http://git.chromium.org/gitweb/?p=chromium/deps/libjpeg_turbo.git%3Ba=commit%3Bh=32cab49bd4cb1ce069a435fd75f9439c34ddc6f8

x_refsource_CONFIRM

openSUSE-SU-2013:1777

vendor-advisory

x_refsource_SUSE

https://code.google.com/p/chromium/issues/detail?id=299835

x_refsource_CONFIRM

http://advisories.mageia.org/MGASA-2013-0333.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_MANDRIVA

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_UBUNTU

FEDORA-2013-23295

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.