CVE-2012-2845

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2012-2845

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2012-2845.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2012-2845

Related

Published

2012-07-13T10:34:59Z

Modified

2024-08-01T07:27:38.962116Z

Summary

[none]

Details

Integer overflow in the jpegdataload_data function in jpeg-data.c in libjpeg in exif 0.6.20 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain potentially sensitive information via a crafted JPEG file.

References

Affected packages

Alpine:v3.10 / libexif

Package

Name: libexif
Purl: pkg:apk/alpine/libexif?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.6.21-r0

Affected versions

0.*

0.6.17-r0

0.6.19-r0

0.6.19-r1

0.6.19-r2

0.6.19-r3

0.6.20-r0

0.6.20-r1

Alpine:v3.11 / libexif

Package

Name: libexif
Purl: pkg:apk/alpine/libexif?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.6.21-r0

Affected versions

0.*

0.6.17-r0

0.6.19-r0

0.6.19-r1

0.6.19-r2

0.6.19-r3

0.6.20-r0

0.6.20-r1

Alpine:v3.12 / libexif

Package

Name: libexif
Purl: pkg:apk/alpine/libexif?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.6.21-r0

Affected versions

0.*

0.6.17-r0

0.6.19-r0

0.6.19-r1

0.6.19-r2

0.6.19-r3

0.6.20-r0

0.6.20-r1

Alpine:v3.8 / libexif

Package

Name: libexif
Purl: pkg:apk/alpine/libexif?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.6.21-r0

Affected versions

0.*

0.6.17-r0

0.6.19-r0

0.6.19-r1

0.6.19-r2

0.6.19-r3

0.6.20-r0

0.6.20-r1

Alpine:v3.9 / libexif

Package

Name: libexif
Purl: pkg:apk/alpine/libexif?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.6.21-r0

Affected versions

0.*

0.6.17-r0

0.6.19-r0

0.6.19-r1

0.6.19-r2

0.6.19-r3

0.6.20-r0

0.6.20-r1

Debian:11 / exif

Package

Name: exif
Purl: pkg:deb/debian/exif?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.6.20-2

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / exif

Package

Name: exif
Purl: pkg:deb/debian/exif?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.6.20-2

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / exif

Package

Name: exif
Purl: pkg:deb/debian/exif?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.6.20-2

Ecosystem specific

{
    "urgency": "low"
}