MEDIUM🇬🇧 English

CVE-2017-7448

CVSS 5.5v3.0pub. 2017-04-05upd. 2026-05-13

The allocate_channel_framebuffer function in uncompressed_components.hh in Dropbox Lepton 1.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a malformed JPEG image.

oryginał EN
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
  • Dropbox Lepton

    APP
    Dropbox
    1.2.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
DoS
CWE
Referencje

Powiązane podatności

CVE-2022-26181HIGH7.8ten sam produkt

Dropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a heap-buffer-overflow in the function aligned_de...

CVE-2018-20819HIGH7.8ten sam produkt

io/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows attackers to cause a denia...

CVE-2018-20820MEDIUM5.5ten sam produkt

read_ujpg in jpgcoder.cc in Dropbox Lepton 1.2.1 allows attackers to cause a denial-of-service (application ru...

CVE-2018-12108MEDIUM5.5ten sam produkt

An issue was discovered in Dropbox Lepton 1.2.1. The validateAndCompress function in validation.cc allows remo...

CVE-2017-8891MEDIUM5.5ten sam produkt

Dropbox Lepton 1.2.1 allows DoS (SEGV and application crash) via a malformed lepton file because the code does...

CVE-2017-7448 — MEDIUM 5.5 | CVEbaza.pl