Vulnerabilities > CVE-2018-14944 - Out-of-bounds Write vulnerability in Jpeg Encoder Project Jpeg Encoder

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

jpeg-encoder-project

CWE-787

NVD

Published: 2018-08-05

Updated: 2018-10-04

Summary

An issue has been found in jpeg_encoder through 2015-11-27. It is a SEGV in the function readFromBMP in jpeg_encoder.cpp. The signal is caused by an out-of-bounds write.

Vulnerable Configurations

Part	Description	Count
Application	Jpeg_Encoder_Project Jpeg Encoder Project Jpeg Encoder 2014-09-17 Jpeg Encoder Project Jpeg Encoder 2014-09-18 Jpeg Encoder Project Jpeg Encoder 2014-11-20 Jpeg Encoder Project Jpeg Encoder 2015-11-27	4

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/fouzhe/security/tree/master/jpeg_encoder#segv-in-function-readfrombmp
https://github.com/thejinchao/jpeg_encoder/issues/4