Daniel Reiter Horn - Security Researcher - Exploit Intelligence Platform

CVE-2017-7448 WRITEUP MEDIUM WRITEUP

Dropbox Lepton 1.2.1 - Denial of Service via Malformed JPEG Image

The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed JPEG image.

CVSS 5.5

View Code

CVE-2017-8891 WRITEUP MEDIUM WRITEUP

Dropbox Lepton 1.2.1 - Denial of Service via Malformed Lepton File

Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does not ensure setup of a correct number of threads.

CVSS 5.5

View Code

CVE-2018-20820 WRITEUP MEDIUM WRITEUP

Dropbox Lepton 1.2.1 - Denial of Service via Integer Overflow in read_ujpg

read_ujpg in jpgcoder.cc in Dropbox Lepton 1.2.1 allows attackers to cause a denial-of-service (application runtime crash because of an integer overflow) via a crafted file.

CVSS 5.5

View Code