CVE-2013-1441
ExactImage < 0.8.9 - Denial of Service via Crafted Image File
Title source: llmDescription
econvert in ExactImage 0.8.9 and earlier does not properly initialize the setjmp variable, which allows context-dependent users to cause a denial of service (crash) via a crafted image file.
References (3)
Core 3
Core References
Various Sources x_refsource_confirm
http://anonscm.debian.org/gitweb/?p=collab-maint/exactimage.git%3Ba=commitdiff%3Bh=1dff2eb586a3d10d8528a984bc471292e3789f5c%3Bhp=acfe54193b18b46e880f4b474d2e40b4fdb44a8d
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2013/dsa-2754
Patch mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/09/05/8
Scores
EPSS
0.0126
EPSS Percentile
66.2%
Details
CWE
CWE-20
Status
published
Products (50)
exactcode/exactimage
0.0.1
exactcode/exactimage
0.0.2
exactcode/exactimage
0.0.3
exactcode/exactimage
0.0.4
exactcode/exactimage
0.0.5
exactcode/exactimage
0.0.6
exactcode/exactimage
0.0.7
exactcode/exactimage
0.0.8
exactcode/exactimage
0.0.9
exactcode/exactimage
0.0.10
... and 40 more
Published
Sep 16, 2013
Tracked Since
Feb 18, 2026