CVE-2020-0207

In nextmarker of jdmarker.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID:...

CVE-2020-0207

CVE-2020-0207 affects Android 10 with an out-of-bounds read in next_marker() in jdmarker.c caused by improper input validation. This can lead to remote information disclosure; exploitation requires user interaction. The issue is documented across multiple sources (NVD, Red Hat, CVE lists) with a ...

Information Disclosure

libjpeg-turbo is vulnerable to information disclosure attacks. The vulnerability exists due to the getsos function in jdmarker.c in 1 libjpeg 6b and 2 libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplication...

libjpeg: information leak (read of uninitialized memory)

The getsos function in jdmarker.c in 1 libjpeg 6b and 2 libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan SOS JPEG markers,...

libjpeg: information leak (read of uninitialized memory)

The getsos function in jdmarker.c in 1 libjpeg 6b and 2 libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan SOS JPEG markers,...

libjpeg: information leak (read of uninitialized memory)

The getsos function in jdmarker.c in 1 libjpeg 6b and 2 libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan SOS JPEG markers,...

CVE-2013-6630

The getdht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table DHT JPEG markers, which allows remote...

CVE-2013-6629

The getsos function in jdmarker.c in 1 libjpeg 6b and 2 libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan SOS JPEG markers,...

Heap overflow

Heap-based buffer overflow in the getsos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via a large component count in the header of a JPEG image...