QwikSec

Security Database

CVE

CWE

Training

CVE-2017-9614

Published: Jul 27, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

The fill_input_buffer function in jdatasrc.c in libjpeg-turbo 1.5.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted jpg file. NOTE: Maintainer asserts the issue is due to a bug in downstream code caused by misuse of the libjpeg API

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://seclists.org/fulldisclosure/2017/Jul/66

x_refsource_MISC

exploit

x_refsource_EXPLOIT-DB

20170726 libjpeg-turbo denial of service vulnerability

mailing-list

x_refsource_FULLDISC

http://packetstormsecurity.com/files/143518/libjpeg-turbo-1.5.1-Denial-Of-Service.html

x_refsource_MISC

https://github.com/libjpeg-turbo/libjpeg-turbo/issues/167

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.