Lucene search

K
ubuntuUbuntuUSN-2060-1
HistoryDec 19, 2013 - 12:00 a.m.

libjpeg, libjpeg-turbo vulnerabilities

2013-12-1900:00:00
ubuntu.com
71

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

7.3

Confidence

Low

EPSS

0.006

Percentile

78.3%

Releases

  • Ubuntu 13.10
  • Ubuntu 13.04
  • Ubuntu 12.10
  • Ubuntu 12.04
  • Ubuntu 10.04

Packages

  • libjpeg-turbo - library for handling JPEG files
  • libjpeg6b - library for handling JPEG files

Details

Michal Zalewski discovered that libjpeg and libjpeg-turbo incorrectly
handled certain memory operations. An attacker could use this issue with
a specially-crafted JPEG file to possibly expose sensitive information.

OSVersionArchitecturePackageVersionFilename
Ubuntu13.10noarchlibjpeg-turbo8< 1.3.0-0ubuntu1.1UNKNOWN
Ubuntu13.10noarchlibjpeg-turbo-progs< 1.3.0-0ubuntu1.1UNKNOWN
Ubuntu13.10noarchlibjpeg-turbo-test< 1.3.0-0ubuntu1.1UNKNOWN
Ubuntu13.10noarchlibjpeg-turbo8-dbg< 1.3.0-0ubuntu1.1UNKNOWN
Ubuntu13.10noarchlibjpeg-turbo8-dev< 1.3.0-0ubuntu1.1UNKNOWN
Ubuntu13.10noarchlibturbojpeg< 1.3.0-0ubuntu1.1UNKNOWN
Ubuntu13.10noarchlibjpeg62< 6b1-3ubuntu1.13.10.1UNKNOWN
Ubuntu13.10noarchlibjpeg62-dbg< 6b1-3ubuntu1.13.10.1UNKNOWN
Ubuntu13.10noarchlibjpeg62-dev< 6b1-3ubuntu1.13.10.1UNKNOWN
Ubuntu13.04noarchlibjpeg-turbo8< 1.2.1-0ubuntu2.13.04.1UNKNOWN
Rows per page:
1-10 of 401

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

7.3

Confidence

Low

EPSS

0.006

Percentile

78.3%