econvert in ExactImage 0.8.9 and earlier does not properly initialize the setjmp variable, which allows context-dependent users to cause a denial of service (crash) via a crafted image file.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_name": "edisplay", "binary_version": "0.8.9-3build1" }, { "binary_name": "exactimage", "binary_version": "0.8.9-3build1" }, { "binary_name": "exactimage-dbg", "binary_version": "0.8.9-3build1" }, { "binary_name": "libexactimage-perl", "binary_version": "0.8.9-3build1" }, { "binary_name": "php5-exactimage", "binary_version": "0.8.9-3build1" }, { "binary_name": "python-exactimage", "binary_version": "0.8.9-3build1" } ] }