[Pkg-tigervnc-devel] Bug#768369: Stack smashing in libjpeg-turbo
cve-assign at mitre.org
cve-assign at mitre.org
Wed Nov 26 07:48:14 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768369#114
>
> I created a minimal test case in around 200 lines.
>
> It uses a file with the intercepted scanlines of the calls to jpeg_write_scanlines.
>
> Also the Exif marker is read from such a file.
> (And without this Exif marker the stack smash does not happen...)
Use CVE-2014-9092.
- --
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)
iQEcBAEBAgAGBQJUdYGqAAoJEKllVAevmvmsA7QH/ijNNlUkWF2Vst56xw9AZNUN
dYdTRNXISkzOotHcglCpOomIzjbTWy4ablsLxryr0kUc4ZjIc5RlZuCTKAaVJ+EC
RgphhkmFHkKNqPSVMLtIOpP4ZX/0uPSKAMlzoXsRzRgmEBG6pnYnokJTa47sit26
iSpvAqXUNwJ/ZA14eUFMDdP6FbpOB4wmHS9h5nnUO7lzhmM/93XasD6WluBB0EBo
F9xZ/a0pCfEV+9RwKMiGsr2w+nPYDzUWlnrNbVnw8ou9msI/tolGadUbbwCM1NY9
FiemAFw4ZRExQIjDKaubApDlNuYzckmDNvBWJkwdVIJvBvQqNPVmUMP4MefDGhw=
=F4GF
-----END PGP SIGNATURE-----
More information about the Pkg-tigervnc-devel
mailing list