CVE-2016-5637
EUVD-2016-658115.07.2016, 18:59
The restore_tqb_pixels function in libbpg 0.9.5 through 0.9.7 mishandles the transquant_bypass_enable_flag value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write) via a crafted BPG image, related to a "type confusion" issue.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| libbpg_project | libbpg | 0.9.5 ≤ 𝑥 ≤ 0.9.7 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| chromium-browser |
| ||||||||||||||||||||||||||||||||||||||||
| ffmpeg |
| ||||||||||||||||||||||||||||||||||||||||
| gst-libav1.0 |
| ||||||||||||||||||||||||||||||||||||||||
| oxide-qt |
| ||||||||||||||||||||||||||||||||||||||||
| vlc |
|
Common Weakness Enumeration