CVE-2012-2806 - Vulnerability Details - OpenCVE

Heap-based buffer overflow in the get_sos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large component count in the header of a JPEG image.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
D.r.commander	Libjpeg-turbo

Configuration 1 [-]

cpe:2.3:a:d.r.commander:libjpeg-turbo:1.2.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830
http://osvdb.org/84040
http://secunia.com/advisories/49883
http://secunia.com/advisories/50753
http://security.gentoo.org/glsa/glsa-201209-13.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2012:121
http://www.openwall.com/lists/oss-security/2012/07/17/3
http://www.securityfocus.com/bid/54480
https://bugzilla.mozilla.org/show_bug.cgi?id=759802
https://bugzilla.redhat.com/show_bug.cgi?id=826849
https://exchange.xforce.ibmcloud.com/vulnerabilities/76952

History

Sat, 12 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.02359}`	epss `{'score': 0.01364}`

Tue, 21 Jan 2025 20:15:00 +0000

Type	Values Removed	Values Added
Metrics		cvssV3_1 `{'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H'}` ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Chrome

Published: 2012-08-13T20:00:00

Updated: 2025-01-21T19:56:25.937Z

Reserved: 2012-05-19T00:00:00

Link: CVE-2012-2806

Vulnrichment

Updated: 2024-08-06T19:42:32.554Z

NVD

Status : Deferred

Published: 2012-08-13T20:55:08.163

Modified: 2025-04-11T00:51:21.963

Link: CVE-2012-2806

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-07-17T00:00:00", "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the get_sos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large component count in the header of a JPEG image."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome"}, "references": [{"name": "54480", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/54480"}, {"name": "MDVSA-2012:121", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:121"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=759802"}, {"name": "49883", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/49883"}, {"name": "50753", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/50753"}, {"name": "84040", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/84040"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830"}, {"name": "libjpegturbo-getsos-bo(76952)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76952"}, {"name": "GLSA-201209-13", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201209-13.xml"}, {"name": "[oss-security] 20120717 libjpeg-turbo: Heap-based buffer overflow when decompressing corrupt JPEG images", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/07/17/3"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=826849"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2012-2806", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Heap-based buffer overflow in the get_sos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large component count in the header of a JPEG image."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "54480", "refsource": "BID", "url": "http://www.securityfocus.com/bid/54480"}, {"name": "MDVSA-2012:121", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:121"}, {"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=759802", "refsource": "MISC", "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=759802"}, {"name": "49883", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/49883"}, {"name": "50753", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/50753"}, {"name": "84040", "refsource": "OSVDB", "url": "http://osvdb.org/84040"}, {"name": "http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830", "refsource": "CONFIRM", "url": "http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830"}, {"name": "libjpegturbo-getsos-bo(76952)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76952"}, {"name": "GLSA-201209-13", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201209-13.xml"}, {"name": "[oss-security] 20120717 libjpeg-turbo: Heap-based buffer overflow when decompressing corrupt JPEG images", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2012/07/17/3"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=826849", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=826849"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:42:32.554Z"}, "title": "CVE Program Container", "references": [{"name": "54480", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/54480"}, {"name": "MDVSA-2012:121", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:121"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=759802"}, {"name": "49883", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/49883"}, {"name": "50753", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/50753"}, {"name": "84040", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/84040"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830"}, {"name": "libjpegturbo-getsos-bo(76952)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76952"}, {"name": "GLSA-201209-13", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-201209-13.xml"}, {"name": "[oss-security] 20120717 libjpeg-turbo: Heap-based buffer overflow when decompressing corrupt JPEG images", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/07/17/3"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=826849"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-787", "lang": "en", "description": "CWE-787 Out-of-bounds Write"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-01-21T19:56:19.824480Z", "id": "CVE-2012-2806", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-21T19:56:25.937Z"}}]}, "cveMetadata": {"assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "assignerShortName": "Chrome", "cveId": "CVE-2012-2806", "datePublished": "2012-08-13T20:00:00", "dateReserved": "2012-05-19T00:00:00", "dateUpdated": "2025-01-21T19:56:25.937Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.securityfocus.com/bid/54480", "name": "54480", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:121", "name": "MDVSA-2012:121", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"]}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=759802", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "http://secunia.com/advisories/49883", "name": "49883", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "http://secunia.com/advisories/50753", "name": "50753", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"]}, {"url": "http://osvdb.org/84040", "name": "84040", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"]}, {"url": "http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76952", "name": "libjpegturbo-getsos-bo(76952)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"]}, {"url": "http://security.gentoo.org/glsa/glsa-201209-13.xml", "name": "GLSA-201209-13", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2012/07/17/3", "name": "[oss-security] 20120717 libjpeg-turbo: Heap-based buffer overflow when decompressing corrupt JPEG images", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=826849", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:42:32.554Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2012-2806", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-01-21T19:56:19.824480Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787 Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-21T19:55:38.122Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-07-17T00:00:00", "references": [{"url": "http://www.securityfocus.com/bid/54480", "name": "54480", "tags": ["vdb-entry", "x_refsource_BID"]}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:121", "name": "MDVSA-2012:121", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"]}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=759802", "tags": ["x_refsource_MISC"]}, {"url": "http://secunia.com/advisories/49883", "name": "49883", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "http://secunia.com/advisories/50753", "name": "50753", "tags": ["third-party-advisory", "x_refsource_SECUNIA"]}, {"url": "http://osvdb.org/84040", "name": "84040", "tags": ["vdb-entry", "x_refsource_OSVDB"]}, {"url": "http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76952", "name": "libjpegturbo-getsos-bo(76952)", "tags": ["vdb-entry", "x_refsource_XF"]}, {"url": "http://security.gentoo.org/glsa/glsa-201209-13.xml", "name": "GLSA-201209-13", "tags": ["vendor-advisory", "x_refsource_GENTOO"]}, {"url": "http://www.openwall.com/lists/oss-security/2012/07/17/3", "name": "[oss-security] 20120717 libjpeg-turbo: Heap-based buffer overflow when decompressing corrupt JPEG images", "tags": ["mailing-list", "x_refsource_MLIST"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=826849", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the get_sos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large component count in the header of a JPEG image."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "shortName": "Chrome", "dateUpdated": "2017-08-28T12:57:01"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "n/a"}]}, "product_name": "n/a"}]}, "vendor_name": "n/a"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/54480", "name": "54480", "refsource": "BID"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:121", "name": "MDVSA-2012:121", "refsource": "MANDRIVA"}, {"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=759802", "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=759802", "refsource": "MISC"}, {"url": "http://secunia.com/advisories/49883", "name": "49883", "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/50753", "name": "50753", "refsource": "SECUNIA"}, {"url": "http://osvdb.org/84040", "name": "84040", "refsource": "OSVDB"}, {"url": "http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830", "name": "http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830", "refsource": "CONFIRM"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76952", "name": "libjpegturbo-getsos-bo(76952)", "refsource": "XF"}, {"url": "http://security.gentoo.org/glsa/glsa-201209-13.xml", "name": "GLSA-201209-13", "refsource": "GENTOO"}, {"url": "http://www.openwall.com/lists/oss-security/2012/07/17/3", "name": "[oss-security] 20120717 libjpeg-turbo: Heap-based buffer overflow when decompressing corrupt JPEG images", "refsource": "MLIST"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=826849", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=826849", "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Heap-based buffer overflow in the get_sos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large component count in the header of a JPEG image."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2012-2806", "STATE": "PUBLIC", "ASSIGNER": "[email protected]"}}}}, "cveMetadata": {"cveId": "CVE-2012-2806", "state": "PUBLISHED", "dateUpdated": "2025-01-21T19:56:25.937Z", "dateReserved": "2012-05-19T00:00:00", "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28", "datePublished": "2012-08-13T20:00:00", "assignerShortName": "Chrome"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:d.r.commander:libjpeg-turbo:1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "625C4F27-4A5D-48D0-9F14-5C06D407257F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the get_sos function in jdmarker.c in libjpeg-turbo 1.2.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a large component count in the header of a JPEG image."}, {"lang": "es", "value": "Un desbordamiento de b\u00fafer basado en memoria din\u00e1mica ('heap') en la funci\u00f3n get_sos en jdmarker.c en libjpeg-turbo v1.2.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (por ca\u00edda de la aplicaci\u00f3n) y posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un n\u00famero de componentes demasiado grande en el encabezado de una imagen JPEG.\r\n"}], "id": "CVE-2012-2806", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2012-08-13T20:55:08.163", "references": [{"source": "[email protected]", "tags": ["Product"], "url": "http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830"}, {"source": "[email protected]", "tags": ["Broken Link"], "url": "http://osvdb.org/84040"}, {"source": "[email protected]", "tags": ["Not Applicable"], "url": "http://secunia.com/advisories/49883"}, {"source": "[email protected]", "tags": ["Not Applicable"], "url": "http://secunia.com/advisories/50753"}, {"source": "[email protected]", "tags": ["Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-201209-13.xml"}, {"source": "[email protected]", "tags": ["Not Applicable"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:121"}, {"source": "[email protected]", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2012/07/17/3"}, {"source": "[email protected]", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/54480"}, {"source": "[email protected]", "tags": ["Issue Tracking"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=759802"}, {"source": "[email protected]", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=826849"}, {"source": "[email protected]", "tags": ["VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76952"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Product"], "url": "http://libjpeg-turbo.svn.sourceforge.net/viewvc/libjpeg-turbo?view=revision&revision=830"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://osvdb.org/84040"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "http://secunia.com/advisories/49883"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "http://secunia.com/advisories/50753"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-201209-13.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:121"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2012/07/17/3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/54480"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=759802"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=826849"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/76952"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "[email protected]", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}