Skip to main content

Libjpeg Turbo CVE-2016-3616

HIGH
NULL Pointer Dereference (CWE-476)
2017-02-13 cve@mitre.org
8.8
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Feb 13, 2017 - 18:59 cve.org
HIGH 8.8

DescriptionCVE.org

The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file.

AnalysisAI

The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as NULL Pointer Dereference (CWE-476), which allows attackers to crash the application by dereferencing a null pointer. The cjpeg utility in libjpeg allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or execute arbitrary code via a crafted file. Affected products include: Libjpeg-Turbo, Redhat Enterprise Linux, Debian Debian Linux, Canonical Ubuntu Linux.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Check pointers before dereferencing. Use static analysis tools to detect null pointer paths.

CVE-2017-9614 HIGH POC
8.8 Jul 27

The fill_input_buffer function in jdatasrc.c in libjpeg-turbo 1.5.1 allows remote attackers to cause a denial of service

CVE-2020-13790 HIGH POC
8.1 Jun 03

libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in get_rgb_row() in rdppm.c via a malformed PP

CVE-2017-15232 MEDIUM POC
6.5 Oct 11

libjpeg-turbo 1.5.2 has a NULL Pointer Dereference in jdpostct.c and jquant1.c via a crafted JPEG file. Rated medium sev

CVE-2023-2804 MEDIUM POC
6.5 May 25

A heap-based buffer overflow issue was discovered in libjpeg-turbo in h2v2_merged_upsample_internal() function of jdmrge

CVE-2018-19664 MEDIUM POC
6.5 Nov 29

libjpeg-turbo 2.0.1 has a heap-based buffer over-read in the put_pixel_rows function in wrbmp.c, as demonstrated by djpe

CVE-2019-13960 MEDIUM POC
5.5 Jul 18

In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image cont

CVE-2012-2806 HIGH
8.8 Aug 13

Heap-based buffer overflow in the get_sos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause

CVE-2018-20330 HIGH
8.8 Dec 21

The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via

CVE-2014-9092 MEDIUM
6.5 Oct 10

libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related

CVE-2021-20205 MEDIUM
6.5 Mar 10

Libjpeg-turbo versions 2.0.91 and 2.0.90 is vulnerable to a denial of service vulnerability caused by a divide by zero w

CVE-2018-1152 MEDIUM
6.5 Jun 18

libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a cra

CVE-2013-6629 MEDIUM
5.0 Nov 19

The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome befor

Share

CVE-2016-3616 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy