fkie_nvd - fkie_cve-2013-6630

FKIE_CVE-2013-6630

Vulnerability from fkie_nvd - Published: 2013-11-19 04:50 - Updated: 2025-04-11 00:51

Severity ?

Summary

The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image.

References

URL	Tags
cve@mitre.org	http://advisories.mageia.org/MGASA-2013-0333.html
cve@mitre.org	http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html
cve@mitre.org	http://git.chromium.org/gitweb/?p=chromium/deps/libjpeg_turbo.git%3Ba=commit%3Bh=32cab49bd4cb1ce069a435fd75f9439c34ddc6f8
cve@mitre.org	http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html	Vendor Advisory
cve@mitre.org	http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html
cve@mitre.org	http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html
cve@mitre.org	http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html
cve@mitre.org	http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html
cve@mitre.org	http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html
cve@mitre.org	http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html
cve@mitre.org	http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html
cve@mitre.org	http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html
cve@mitre.org	http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html
cve@mitre.org	http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html
cve@mitre.org	http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html
cve@mitre.org	http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
cve@mitre.org	http://rhn.redhat.com/errata/RHSA-2013-1803.html
cve@mitre.org	http://secunia.com/advisories/56175
cve@mitre.org	http://www.debian.org/security/2013/dsa-2799
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2013:273
cve@mitre.org	http://www.mozilla.org/security/announce/2013/mfsa2013-116.html
cve@mitre.org	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
cve@mitre.org	http://www.securitytracker.com/id/1029470
cve@mitre.org	http://www.securitytracker.com/id/1029476
cve@mitre.org	http://www.ubuntu.com/usn/USN-2052-1
cve@mitre.org	http://www.ubuntu.com/usn/USN-2053-1
cve@mitre.org	http://www.ubuntu.com/usn/USN-2060-1
cve@mitre.org	https://bugzilla.mozilla.org/show_bug.cgi?id=891693
cve@mitre.org	https://code.google.com/p/chromium/issues/detail?id=299835
cve@mitre.org	https://security.gentoo.org/glsa/201606-03
af854a3a-2127-422b-91ae-364da2661108	http://advisories.mageia.org/MGASA-2013-0333.html
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html
af854a3a-2127-422b-91ae-364da2661108	http://git.chromium.org/gitweb/?p=chromium/deps/libjpeg_turbo.git%3Ba=commit%3Bh=32cab49bd4cb1ce069a435fd75f9439c34ddc6f8
af854a3a-2127-422b-91ae-364da2661108	http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1803.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/56175
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2013/dsa-2799
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2013:273
af854a3a-2127-422b-91ae-364da2661108	http://www.mozilla.org/security/announce/2013/mfsa2013-116.html
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1029470
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1029476
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2052-1
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2053-1
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2060-1
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.mozilla.org/show_bug.cgi?id=891693
af854a3a-2127-422b-91ae-364da2661108	https://code.google.com/p/chromium/issues/detail?id=299835
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/201606-03

Impacted products

Vendor	Product	Version
google	chrome	*
google	chrome	31.0.1650.0
google	chrome	31.0.1650.2
google	chrome	31.0.1650.3
google	chrome	31.0.1650.4
google	chrome	31.0.1650.5
google	chrome	31.0.1650.6
google	chrome	31.0.1650.7
google	chrome	31.0.1650.8
google	chrome	31.0.1650.9
google	chrome	31.0.1650.10
google	chrome	31.0.1650.11
google	chrome	31.0.1650.12
google	chrome	31.0.1650.13
google	chrome	31.0.1650.14
google	chrome	31.0.1650.15
google	chrome	31.0.1650.16
google	chrome	31.0.1650.17
google	chrome	31.0.1650.18
google	chrome	31.0.1650.19
google	chrome	31.0.1650.20
google	chrome	31.0.1650.22
google	chrome	31.0.1650.23
google	chrome	31.0.1650.25
google	chrome	31.0.1650.26
google	chrome	31.0.1650.27
google	chrome	31.0.1650.28
google	chrome	31.0.1650.29
google	chrome	31.0.1650.30
google	chrome	31.0.1650.31
google	chrome	31.0.1650.32
google	chrome	31.0.1650.33
google	chrome	31.0.1650.34
google	chrome	31.0.1650.35
google	chrome	31.0.1650.36
google	chrome	31.0.1650.37
google	chrome	31.0.1650.38
google	chrome	31.0.1650.39
google	chrome	31.0.1650.41
google	chrome	31.0.1650.42
google	chrome	31.0.1650.43
google	chrome	31.0.1650.44
google	chrome	31.0.1650.45
google	chrome	31.0.1650.46

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D96E10B-3A68-42C3-BC76-16371F70EFB1",
              "versionEndIncluding": "31.0.1650.47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECE0CD4B-7AF0-408C-A0A4-5C1BF99DCC6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E419AD3-959E-4CBE-AA82-6FF50ADA5F7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BB7361C-D835-4EA4-A02A-517A88235E48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B8FBD4F-A625-4481-ACC3-11D1EC38E61F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "54CE56C0-FEBB-4B88-B492-7F4834F1E7D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7C5BFB2-1662-40C8-91F3-BAADA15BBDB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1591A0BA-598A-4B52-990B-D897D0717659",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "2399FF12-3C99-4822-9C7F-ACE21A75B07D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A0F6EDE-7B69-4522-880B-5D384BA165B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F05FCCF-7EF3-4AE8-9699-C59716B64FEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "2ABC4ED3-D2F4-49E4-917C-14CBD4B48217",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7DACE52-4FEE-46DB-8A3E-453927346324",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "BBB25316-F742-489F-982A-F2E93CC2A991",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DCDDE4F-1AFF-47BB-AEED-1162557C3ED5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DC97D41-FC3F-4257-ADCF-A18CE16BD123",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "08BB30B1-5D2B-4BF0-A9B2-E9DA58DB4421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D94E9E7-694E-4D4D-87E3-C599BF0D34E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "95693DB4-F3A3-4E9B-81BC-9659DC28266F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "543A3EED-3B52-4F32-91CB-CE519502DAFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA826854-B16A-4F3B-9B45-B20967C398CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D5EBF2E-E025-4F7F-8B59-E898526509CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "57710E9D-5ACE-43B8-87E9-B62FE8602316",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "2094C58D-F541-4622-8A85-0F29E8FA2C79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "170A2964-5947-4DDB-8AE2-C919BEF38DF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "095EF1A2-A17B-4D1D-A314-770757DBC77F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "15659D3B-13DB-447D-B680-3CBA8A153B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "206DDB27-676F-4373-A0CC-762C9F593E77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDE66FCD-C9F5-4341-983A-BED55E80C3CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E32F32F-BEFA-41E2-B77E-576662A36A45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "73CC0102-E20D-479C-AF93-1DBCD0052B10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA262B88-A7F0-4F27-A002-7CFFF097D95E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6D23D07-42C3-49E6-B381-E4F8F7392ADA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "66941327-5BC4-4F22-920E-5A1E9A2A2234",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "C01B6CFF-9602-4D81-BCB0-49F584B55AE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "1DC5025C-3FEC-4C14-B785-5B3B8E093BC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FB6E22F-B320-449C-97A2-EB8BFB54B73E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "C13D619A-70FA-4C77-8603-6EEA8F6193D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "32059BF8-EF17-41C1-A0FC-39B41E775F3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "6636E503-0532-4E10-881E-C3E929CE5B9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2259D6-6B9F-4625-9E69-CD157748ABBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C9F265B-5685-445B-9EEB-546849AD9272",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "18F7A611-76FC-4AE4-8D5A-F7E75270FDA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:google:chrome:31.0.1650.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2AF9C17-46A4-46F4-9D22-217EDE0AFAF2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n get_dht en jdmarker.c en libjpeg-turbo hasta la versi\u00f3n 1.3.0, tal y como se usa en Google Chrome anterior a la versi\u00f3n 31.0.1650.48 y otros productos, no establece todos los elementos de un valor cadena Huffman concreto durante la lectura de segmentos que siguen marcadores Define Huffman Table (DHT) JPEG, lo que permite a atacantes remotos obtener informaci\u00f3n sensible desde localizaciones de memoria sin inicializar a trav\u00e9s de una imagen JPEG manipulada."
    }
  ],
  "id": "CVE-2013-6630",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-11-19T04:50:56.267",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://advisories.mageia.org/MGASA-2013-0333.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://git.chromium.org/gitweb/?p=chromium/deps/libjpeg_turbo.git%3Ba=commit%3Bh=32cab49bd4cb1ce069a435fd75f9439c34ddc6f8"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1803.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/56175"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2013/dsa-2799"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:273"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-116.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1029470"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id/1029476"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-2052-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-2053-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-2060-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=891693"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://code.google.com/p/chromium/issues/detail?id=299835"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://security.gentoo.org/glsa/201606-03"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://advisories.mageia.org/MGASA-2013-0333.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.chromium.org/gitweb/?p=chromium/deps/libjpeg_turbo.git%3Ba=commit%3Bh=32cab49bd4cb1ce069a435fd75f9439c34ddc6f8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1803.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/56175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2013/dsa-2799"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:273"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-116.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1029470"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1029476"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-2052-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-2053-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-2060-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=891693"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://code.google.com/p/chromium/issues/detail?id=299835"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/201606-03"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2013-6630 (GCVE-0-2013-6630)

Vulnerability from cvelistv5 – Published: 2013-11-15 20:00 – Updated: 2024-08-06 17:46

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://archives.neohapsis.com/archives/fulldisclo…	mailing-listx_refsource_FULLDISC
	http://lists.opensuse.org/opensuse-updates/2013-1…	vendor-advisoryx_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2013-1803.html	vendor-advisoryx_refsource_REDHAT
	http://lists.opensuse.org/opensuse-updates/2013-1…	vendor-advisoryx_refsource_SUSE
	http://secunia.com/advisories/56175	third-party-advisoryx_refsource_SECUNIA
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://lists.opensuse.org/opensuse-updates/2014-0…	vendor-advisoryx_refsource_SUSE
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.securitytracker.com/id/1029470	vdb-entryx_refsource_SECTRACK
	https://bugzilla.mozilla.org/show_bug.cgi?id=891693	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-updates/2013-1…	vendor-advisoryx_refsource_SUSE
	http://www.mozilla.org/security/announce/2013/mfs…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-updates/2013-1…	vendor-advisoryx_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-updates/2013-1…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-updates/2014-0…	vendor-advisoryx_refsource_SUSE
	http://googlechromereleases.blogspot.com/2013/11/…	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1029476	vdb-entryx_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://security.gentoo.org/glsa/201606-03	vendor-advisoryx_refsource_GENTOO
	http://lists.opensuse.org/opensuse-updates/2013-1…	vendor-advisoryx_refsource_SUSE
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://www.ubuntu.com/usn/USN-2052-1	vendor-advisoryx_refsource_UBUNTU
	http://www.debian.org/security/2013/dsa-2799	vendor-advisoryx_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://git.chromium.org/gitweb/?p=chromium/deps/l…	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://code.google.com/p/chromium/issues/detail?…	x_refsource_CONFIRM
	http://advisories.mageia.org/MGASA-2013-0333.html	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
	http://www.ubuntu.com/usn/USN-2060-1	vendor-advisoryx_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2053-1	vendor-advisoryx_refsource_UBUNTU
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:46:22.221Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20131112 bugs in IJG jpeg6b \u0026 libjpeg-turbo",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html"
          },
          {
            "name": "openSUSE-SU-2013:1958",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
          },
          {
            "name": "RHSA-2013:1803",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1803.html"
          },
          {
            "name": "openSUSE-SU-2013:1957",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
          },
          {
            "name": "56175",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56175"
          },
          {
            "name": "FEDORA-2013-23127",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
          },
          {
            "name": "openSUSE-SU-2014:0065",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html"
          },
          {
            "name": "FEDORA-2013-23519",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
          },
          {
            "name": "1029470",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1029470"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=891693"
          },
          {
            "name": "openSUSE-SU-2013:1917",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-116.html"
          },
          {
            "name": "openSUSE-SU-2013:1959",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
          },
          {
            "name": "openSUSE-SU-2013:1916",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
          },
          {
            "name": "openSUSE-SU-2014:0008",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html"
          },
          {
            "name": "1029476",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1029476"
          },
          {
            "name": "openSUSE-SU-2013:1776",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html"
          },
          {
            "name": "GLSA-201606-03",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201606-03"
          },
          {
            "name": "openSUSE-SU-2013:1918",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
          },
          {
            "name": "FEDORA-2013-23291",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
          },
          {
            "name": "USN-2052-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2052-1"
          },
          {
            "name": "DSA-2799",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2013/dsa-2799"
          },
          {
            "name": "openSUSE-SU-2013:1861",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.chromium.org/gitweb/?p=chromium/deps/libjpeg_turbo.git%3Ba=commit%3Bh=32cab49bd4cb1ce069a435fd75f9439c34ddc6f8"
          },
          {
            "name": "openSUSE-SU-2013:1777",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://code.google.com/p/chromium/issues/detail?id=299835"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://advisories.mageia.org/MGASA-2013-0333.html"
          },
          {
            "name": "MDVSA-2013:273",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:273"
          },
          {
            "name": "USN-2060-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2060-1"
          },
          {
            "name": "USN-2053-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2053-1"
          },
          {
            "name": "FEDORA-2013-23295",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-11-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-09-30T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20131112 bugs in IJG jpeg6b \u0026 libjpeg-turbo",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html"
        },
        {
          "name": "openSUSE-SU-2013:1958",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
        },
        {
          "name": "RHSA-2013:1803",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1803.html"
        },
        {
          "name": "openSUSE-SU-2013:1957",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
        },
        {
          "name": "56175",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56175"
        },
        {
          "name": "FEDORA-2013-23127",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
        },
        {
          "name": "openSUSE-SU-2014:0065",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html"
        },
        {
          "name": "FEDORA-2013-23519",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
        },
        {
          "name": "1029470",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1029470"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=891693"
        },
        {
          "name": "openSUSE-SU-2013:1917",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-116.html"
        },
        {
          "name": "openSUSE-SU-2013:1959",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
        },
        {
          "name": "openSUSE-SU-2013:1916",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
        },
        {
          "name": "openSUSE-SU-2014:0008",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html"
        },
        {
          "name": "1029476",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1029476"
        },
        {
          "name": "openSUSE-SU-2013:1776",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html"
        },
        {
          "name": "GLSA-201606-03",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201606-03"
        },
        {
          "name": "openSUSE-SU-2013:1918",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
        },
        {
          "name": "FEDORA-2013-23291",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
        },
        {
          "name": "USN-2052-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2052-1"
        },
        {
          "name": "DSA-2799",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2013/dsa-2799"
        },
        {
          "name": "openSUSE-SU-2013:1861",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.chromium.org/gitweb/?p=chromium/deps/libjpeg_turbo.git%3Ba=commit%3Bh=32cab49bd4cb1ce069a435fd75f9439c34ddc6f8"
        },
        {
          "name": "openSUSE-SU-2013:1777",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://code.google.com/p/chromium/issues/detail?id=299835"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://advisories.mageia.org/MGASA-2013-0333.html"
        },
        {
          "name": "MDVSA-2013:273",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:273"
        },
        {
          "name": "USN-2060-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2060-1"
        },
        {
          "name": "USN-2053-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2053-1"
        },
        {
          "name": "FEDORA-2013-23295",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-6630",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The get_dht function in jdmarker.c in libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48 and other products, does not set all elements of a certain Huffman value array during the reading of segments that follow Define Huffman Table (DHT) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20131112 bugs in IJG jpeg6b \u0026 libjpeg-turbo",
              "refsource": "FULLDISC",
              "url": "http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0080.html"
            },
            {
              "name": "openSUSE-SU-2013:1958",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00120.html"
            },
            {
              "name": "RHSA-2013:1803",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1803.html"
            },
            {
              "name": "openSUSE-SU-2013:1957",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00119.html"
            },
            {
              "name": "56175",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56175"
            },
            {
              "name": "FEDORA-2013-23127",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/123437.html"
            },
            {
              "name": "openSUSE-SU-2014:0065",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00042.html"
            },
            {
              "name": "FEDORA-2013-23519",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124257.html"
            },
            {
              "name": "1029470",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1029470"
            },
            {
              "name": "https://bugzilla.mozilla.org/show_bug.cgi?id=891693",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=891693"
            },
            {
              "name": "openSUSE-SU-2013:1917",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00086.html"
            },
            {
              "name": "http://www.mozilla.org/security/announce/2013/mfsa2013-116.html",
              "refsource": "CONFIRM",
              "url": "http://www.mozilla.org/security/announce/2013/mfsa2013-116.html"
            },
            {
              "name": "openSUSE-SU-2013:1959",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00121.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
            },
            {
              "name": "openSUSE-SU-2013:1916",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00085.html"
            },
            {
              "name": "openSUSE-SU-2014:0008",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00002.html"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html"
            },
            {
              "name": "1029476",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1029476"
            },
            {
              "name": "openSUSE-SU-2013:1776",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00025.html"
            },
            {
              "name": "GLSA-201606-03",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201606-03"
            },
            {
              "name": "openSUSE-SU-2013:1918",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00087.html"
            },
            {
              "name": "FEDORA-2013-23291",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2014-January/125470.html"
            },
            {
              "name": "USN-2052-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2052-1"
            },
            {
              "name": "DSA-2799",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2013/dsa-2799"
            },
            {
              "name": "openSUSE-SU-2013:1861",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-12/msg00002.html"
            },
            {
              "name": "http://git.chromium.org/gitweb/?p=chromium/deps/libjpeg_turbo.git;a=commit;h=32cab49bd4cb1ce069a435fd75f9439c34ddc6f8",
              "refsource": "CONFIRM",
              "url": "http://git.chromium.org/gitweb/?p=chromium/deps/libjpeg_turbo.git;a=commit;h=32cab49bd4cb1ce069a435fd75f9439c34ddc6f8"
            },
            {
              "name": "openSUSE-SU-2013:1777",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00026.html"
            },
            {
              "name": "https://code.google.com/p/chromium/issues/detail?id=299835",
              "refsource": "CONFIRM",
              "url": "https://code.google.com/p/chromium/issues/detail?id=299835"
            },
            {
              "name": "http://advisories.mageia.org/MGASA-2013-0333.html",
              "refsource": "CONFIRM",
              "url": "http://advisories.mageia.org/MGASA-2013-0333.html"
            },
            {
              "name": "MDVSA-2013:273",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:273"
            },
            {
              "name": "USN-2060-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2060-1"
            },
            {
              "name": "USN-2053-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2053-1"
            },
            {
              "name": "FEDORA-2013-23295",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-December/124108.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-6630",
    "datePublished": "2013-11-15T20:00:00",
    "dateReserved": "2013-11-05T00:00:00",
    "dateUpdated": "2024-08-06T17:46:22.221Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2013-6630

CVE-2013-6630 (GCVE-0-2013-6630)

Tags

Sightings

Nomenclature