CVE-2013-6629

The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 55%
Affected Products (NVD)
VendorProductVersion
googlechrome
𝑥
< 31.0.1650.48
oraclesolaris
11.3
artifexgpl_ghostscript
𝑥
< 9.03
libjpeg-turbolibjpeg-turbo
𝑥
< 1.3.1
opensuseopensuse
12.2
opensuseopensuse
12.3
opensuseopensuse
13.1
canonicalubuntu_linux
10.04
canonicalubuntu_linux
12.04
canonicalubuntu_linux
12.10
canonicalubuntu_linux
13.04
canonicalubuntu_linux
13.10
debiandebian_linux
7.0
debiandebian_linux
8.0
mozillafirefox
𝑥
< 24.2
mozillafirefox
𝑥
< 26.0
mozillaseamonkey
𝑥
< 2.23
mozillathunderbird
𝑥
< 24.2.0
𝑥
= Vulnerable software versions
Windows Releases
Platform
Version
Windows 10
(x64, x86)
KB4015221
1511 (x64, x86)
KB4015219
1607 (x64, x86)
KB4015217
1703 (x64, x86)
KB4015583
Windows 7
Service Pack 1 (x64, x86)
KB4015549
Windows 8.1
(x64, x86)
KB4015550
Windows RT 8.1
All
KB4015550
Windows Server 2008
Service Pack 2 (x64, x86)
KB4015383
Service Pack 2 Server Core (x64)
KB4015383
Windows Server 2008 R2
Service Pack 1 (x64)
KB4015549
Service Pack 1 Server Core (x64)
KB4015549
Windows Server 2012
Server Core
KB4015551
Standard
KB4015551
Windows Server 2012 R2
Server Core
KB4015550
Standard
KB4015550
Windows Server 2016
Server Core
KB4015217
Standard
KB4015217
Windows Vista
Service Pack 2
KB4015383
x64 Edition
KB4015383
Debian logo
Debian Releases
Debian Product
Codename
libjpeg-turbo
bookworm
1:2.1.5-2
fixed
bullseye
1:2.0.6-4
fixed
sid
1:2.1.5-3
fixed
squeeze
no-dsa
trixie
1:2.1.5-3
fixed
libjpeg6b
sid
1:6b2-3.1
fixed
squeeze
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firefox
lucid
ignored
precise
Fixed 26.0+build2-0ubuntu0.12.04.2
released
quantal
Fixed 26.0+build2-0ubuntu0.12.10.2
released
raring
Fixed 26.0+build2-0ubuntu0.13.04.2
released
saucy
Fixed 26.0+build2-0ubuntu0.13.10.2
released
libjpeg-turbo
lucid
dne
precise
Fixed 1.1.90+svn733-0ubuntu4.3
released
quantal
Fixed 1.2.1-0ubuntu2.12.10.1
released
raring
Fixed 1.2.1-0ubuntu2.13.04.1
released
saucy
Fixed 1.3.0-0ubuntu1.1
released
libjpeg6b
lucid
Fixed 6b-15ubuntu1.1
released
precise
Fixed 6b1-2ubuntu1.1
released
quantal
Fixed 6b1-2ubuntu2.1
released
raring
Fixed 6b1-3ubuntu1.13.04.1
released
saucy
Fixed 6b1-3ubuntu1.13.10.1
released
openjdk-7
lucid
dne
precise
ignored
quantal
ignored
saucy
ignored
trusty
dne
thunderbird
lucid
ignored
precise
Fixed 1:24.2.0+build1-0ubuntu0.12.04.1
released
quantal
Fixed 1:24.2.0+build1-0ubuntu0.12.10.1
released
raring
Fixed 1:24.2.0+build1-0ubuntu0.13.04.1
released
saucy
Fixed 1:24.2.0+build1-0ubuntu0.13.10.1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
MozillaFirefox
suse enterprise desktop 15
52.7.3-1.35
fixed
suse enterprise sap 12 SP5
68.1.0-109.92.1
fixed
suse enterprise sap 15
52.7.3-1.35
fixed
suse enterprise server 12 SP5
68.1.0-109.92.1
fixed
suse enterprise server 15
52.7.3-1.35
fixed
MozillaFirefox-devel
suse enterprise desktop 15
52.7.3-1.35
fixed
suse enterprise sap 15
52.7.3-1.35
fixed
suse enterprise server 15
52.7.3-1.35
fixed
MozillaFirefox-translations-common
suse enterprise desktop 15
52.7.3-1.35
fixed
suse enterprise sap 12 SP5
68.1.0-109.92.1
fixed
suse enterprise sap 15
52.7.3-1.35
fixed
suse enterprise server 12 SP5
68.1.0-109.92.1
fixed
suse enterprise server 15
52.7.3-1.35
fixed
MozillaFirefox-translations-other
suse enterprise desktop 15
52.7.3-1.35
fixed
suse enterprise sap 15
52.7.3-1.35
fixed
suse enterprise server 15
52.7.3-1.35
fixed
MozillaThunderbird
suse enterprise desktop 15
52.8-1.2
fixed
suse enterprise desktop 15 SP1
60.6.1-3.28.1
fixed
suse enterprise sap 15
52.8-1.2
fixed
suse enterprise sap 15 SP1
60.6.1-3.28.1
fixed
suse enterprise server 15
52.8-1.2
fixed
suse enterprise server 15 SP1
60.6.1-3.28.1
fixed
suse enterprise workstation 15
52.8-1.2
fixed
suse enterprise workstation 15 SP1
60.6.1-3.28.1
fixed
MozillaThunderbird-devel
suse enterprise desktop 15
52.8-1.2
fixed
suse enterprise sap 15
52.8-1.2
fixed
suse enterprise server 15
52.8-1.2
fixed
suse enterprise workstation 15
52.8-1.2
fixed
MozillaThunderbird-translations-common
suse enterprise desktop 15
52.8-1.2
fixed
suse enterprise desktop 15 SP1
60.6.1-3.28.1
fixed
suse enterprise sap 15
52.8-1.2
fixed
suse enterprise sap 15 SP1
60.6.1-3.28.1
fixed
suse enterprise server 15
52.8-1.2
fixed
suse enterprise server 15 SP1
60.6.1-3.28.1
fixed
suse enterprise workstation 15
52.8-1.2
fixed
suse enterprise workstation 15 SP1
60.6.1-3.28.1
fixed
MozillaThunderbird-translations-other
suse enterprise desktop 15
52.8-1.2
fixed
suse enterprise desktop 15 SP1
60.6.1-3.28.1
fixed
suse enterprise sap 15
52.8-1.2
fixed
suse enterprise sap 15 SP1
60.6.1-3.28.1
fixed
suse enterprise server 15
52.8-1.2
fixed
suse enterprise server 15 SP1
60.6.1-3.28.1
fixed
suse enterprise workstation 15
52.8-1.2
fixed
suse enterprise workstation 15 SP1
60.6.1-3.28.1
fixed
java-1_7_0-openjdk
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12 SP2
1.7.0.111-33.1
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-demo
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12 SP2
1.7.0.111-33.1
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-devel
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12 SP2
1.7.0.111-33.1
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-headless
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12 SP2
1.7.0.111-33.1
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
java-1.5.0-ibm
RHEL 6
1:1.5.0.16.6-1jpp.1.el6_5
fixed
java-1.5.0-ibm-demo
RHEL 6
1:1.5.0.16.6-1jpp.1.el6_5
fixed
java-1.5.0-ibm-devel
RHEL 6
1:1.5.0.16.6-1jpp.1.el6_5
fixed
java-1.5.0-ibm-javacomm
RHEL 6
1:1.5.0.16.6-1jpp.1.el6_5
fixed
java-1.5.0-ibm-jdbc
RHEL 6
1:1.5.0.16.6-1jpp.1.el6_5
fixed
java-1.5.0-ibm-plugin
RHEL 6
1:1.5.0.16.6-1jpp.1.el6_5
fixed
java-1.5.0-ibm-src
RHEL 6
1:1.5.0.16.6-1jpp.1.el6_5
fixed
java-1.6.0-ibm
RHEL 6
1:1.6.0.16.0-1jpp.1.el6_5
fixed
java-1.6.0-ibm-demo
RHEL 6
1:1.6.0.16.0-1jpp.1.el6_5
fixed
java-1.6.0-ibm-devel
RHEL 6
1:1.6.0.16.0-1jpp.1.el6_5
fixed
java-1.6.0-ibm-javacomm
RHEL 6
1:1.6.0.16.0-1jpp.1.el6_5
fixed
java-1.6.0-ibm-jdbc
RHEL 6
1:1.6.0.16.0-1jpp.1.el6_5
fixed
java-1.6.0-ibm-plugin
RHEL 6
1:1.6.0.16.0-1jpp.1.el6_5
fixed
java-1.6.0-ibm-src
RHEL 6
1:1.6.0.16.0-1jpp.1.el6_5
fixed
java-1.7.0-ibm
RHEL 6
1:1.7.0.7.0-1jpp.1.el6_5
fixed
java-1.7.0-ibm-demo
RHEL 6
1:1.7.0.7.0-1jpp.1.el6_5
fixed
java-1.7.0-ibm-devel
RHEL 6
1:1.7.0.7.0-1jpp.1.el6_5
fixed
java-1.7.0-ibm-jdbc
RHEL 6
1:1.7.0.7.0-1jpp.1.el6_5
fixed
java-1.7.0-ibm-plugin
RHEL 6
1:1.7.0.7.0-1jpp.1.el6_5
fixed
java-1.7.0-ibm-src
RHEL 6
1:1.7.0.7.0-1jpp.1.el6_5
fixed
java-1.7.0-oracle
RHEL 6
1:1.7.0.55-1jpp.1.el6_5
fixed
java-1.7.0-oracle-devel
RHEL 6
1:1.7.0.55-1jpp.1.el6_5
fixed
java-1.7.0-oracle-javafx
RHEL 6
1:1.7.0.55-1jpp.1.el6_5
fixed
java-1.7.0-oracle-jdbc
RHEL 6
1:1.7.0.55-1jpp.1.el6_5
fixed
java-1.7.0-oracle-plugin
RHEL 6
1:1.7.0.55-1jpp.1.el6_5
fixed
java-1.7.0-oracle-src
RHEL 6
1:1.7.0.55-1jpp.1.el6_5
fixed
java-1.7.1-ibm
RHEL 7
1:1.7.1.1.0-1jpp.2.el7_0
fixed
java-1.7.1-ibm-demo
RHEL 7
1:1.7.1.1.0-1jpp.2.el7_0
fixed
java-1.7.1-ibm-devel
RHEL 7
1:1.7.1.1.0-1jpp.2.el7_0
fixed
java-1.7.1-ibm-jdbc
RHEL 7
1:1.7.1.1.0-1jpp.2.el7_0
fixed
java-1.7.1-ibm-plugin
RHEL 7
1:1.7.1.1.0-1jpp.2.el7_0
fixed
java-1.7.1-ibm-src
RHEL 7
1:1.7.1.1.0-1jpp.2.el7_0
fixed
libjpeg-turbo
RHEL 6
0:1.2.1-3.el6_5
fixed
libjpeg-turbo-devel
RHEL 6
0:1.2.1-3.el6_5
fixed
libjpeg-turbo-static
RHEL 6
0:1.2.1-3.el6_5
fixed
Common Weakness Enumeration
References
http://advisories.mageia.org/MGASA-2013-0333.html
http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html
http://bugs.ghostscript.com/show_bug.cgi?id=686980
http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html
http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html
http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
http://marc.info/?l=bugtraq&m=140852886808946&w=2
http://marc.info/?l=bugtraq&m=140852974709252&w=2
http://rhn.redhat.com/errata/RHSA-2013-1803.html
http://rhn.redhat.com/errata/RHSA-2013-1804.html
http://secunia.com/advisories/56175
http://secunia.com/advisories/58974
http://secunia.com/advisories/59058
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://support.apple.com/kb/HT6150
http://support.apple.com/kb/HT6162
http://support.apple.com/kb/HT6163
http://www-01.ibm.com/support/docview.wss?uid=swg21672080
http://www-01.ibm.com/support/docview.wss?uid=swg21676746
http://www.debian.org/security/2013/dsa-2799
http://www.mandriva.com/security/advisories?name=MDVSA-2013:273
http://www.mozilla.org/security/announce/2013/mfsa2013-116.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
http://www.securityfocus.com/bid/63676
http://www.securitytracker.com/id/1029470
http://www.securitytracker.com/id/1029476
http://www.ubuntu.com/usn/USN-2052-1
http://www.ubuntu.com/usn/USN-2053-1
http://www.ubuntu.com/usn/USN-2060-1
https://access.redhat.com/errata/RHSA-2014:0413
https://access.redhat.com/errata/RHSA-2014:0414
https://bugzilla.mozilla.org/show_bug.cgi?id=891693
https://code.google.com/p/chromium/issues/detail?id=258723
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2013-6629
https://security.gentoo.org/glsa/201606-03
https://src.chromium.org/viewvc/chrome?revision=229729&view=revision
https://www.ibm.com/support/docview.wss?uid=swg21675973
http://advisories.mageia.org/MGASA-2013-0333.html
http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html
http://bugs.ghostscript.com/show_bug.cgi?id=686980
http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html
http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html
http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html
http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
http://marc.info/?l=bugtraq&m=140852886808946&w=2
http://marc.info/?l=bugtraq&m=140852974709252&w=2
http://rhn.redhat.com/errata/RHSA-2013-1803.html
http://rhn.redhat.com/errata/RHSA-2013-1804.html
http://secunia.com/advisories/56175
http://secunia.com/advisories/58974
http://secunia.com/advisories/59058
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://support.apple.com/kb/HT6150
http://support.apple.com/kb/HT6162
http://support.apple.com/kb/HT6163
http://www-01.ibm.com/support/docview.wss?uid=swg21672080
http://www-01.ibm.com/support/docview.wss?uid=swg21676746
http://www.debian.org/security/2013/dsa-2799
http://www.mandriva.com/security/advisories?name=MDVSA-2013:273
http://www.mozilla.org/security/announce/2013/mfsa2013-116.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
http://www.securityfocus.com/bid/63676
http://www.securitytracker.com/id/1029470
http://www.securitytracker.com/id/1029476
http://www.ubuntu.com/usn/USN-2052-1
http://www.ubuntu.com/usn/USN-2053-1
http://www.ubuntu.com/usn/USN-2060-1
https://access.redhat.com/errata/RHSA-2014:0413
https://access.redhat.com/errata/RHSA-2014:0414
https://bugzilla.mozilla.org/show_bug.cgi?id=891693
https://code.google.com/p/chromium/issues/detail?id=258723
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2013-6629
https://security.gentoo.org/glsa/201606-03
https://src.chromium.org/viewvc/chrome?revision=229729&view=revision
https://www.ibm.com/support/docview.wss?uid=swg21675973