CVE-2016-6235

Name of the Vulnerable Software and Affected Versions Dropbox lepton version 1.0

Description The issue allows remote attackers to cause a denial of service, resulting in a segmentation fault, by providing a crafted jpeg file. This is due to a problem in the setup imginfo jpg function located in lepton/jpgcoder.cc.

Recommendations For version 1.0, consider avoiding the use of the setup imginfo jpg function until a patch is available. As a temporary workaround, restrict the processing of jpeg files from untrusted sources to minimize the risk of exploitation.