Oval Definition:	oval:com.ubuntu.precise:def:20136629000
Revision Date: 2013-11-18 Version: 1 Title: CVE-2013-6629 on Ubuntu 12.04 LTS (precise) - medium. Description: The get_sos function in jdmarker.c in (1) libjpeg 6b and (2) libjpeg-turbo through 1.3.0, as used in Google Chrome before 31.0.1650.48, Ghostscript, and other products, does not check for certain duplications of component data during the reading of segments that follow Start Of Scan (SOS) JPEG markers, which allows remote attackers to obtain sensitive information from uninitialized memory locations via a crafted JPEG image. Family: unix Class: vulnerability Status: Reference(s): CVE-2013-6629 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information The 'firefox' package in precise was vulnerable but has been fixed (note: '26.0+build2-0ubuntu0.12.04.2'). OR The 'libjpeg-turbo' package in precise was vulnerable but has been fixed (note: '1.1.90+svn733-0ubuntu4.3'). OR The 'libjpeg6b' package in precise was vulnerable but has been fixed (note: '6b1-2ubuntu1.1'). OR While related to the CVE in some way, a decision has been made to ignore it (note: 'uses system libjpeg6b'). OR The 'thunderbird' package in precise was vulnerable but has been fixed (note: '1:24.2.0+build1-0ubuntu0.12.04.1').
BACK