PT-2014-1798 · Lead Technologies+1 · Jbig-Kit+1

Florian Weimer · Published 2014-04-11 · Updated 2024-06-15 · CVE-2013-6369

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions

JBIG-KIT versions prior to 2.1

Description

The issue is a stack-based buffer overflow in the jbg_dec_in function in libjbig/jbig.c of JBIG-KIT. It can be exploited remotely via a crafted image file, potentially leading to a denial of service (application crash) and possibly allowing the execution of arbitrary code. The vulnerability may compromise the confidentiality, integrity, and availability of protected information.

Recommendations

For versions prior to 2.1, update to version 2.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of the jbg_dec_in function in libjbig/jbig.c until a patch is available. Until the issue is resolved, avoid decoding image files from untrusted sources, since they may be crafted to trigger the buffer overflow in the affected function.

Fix

DoS

Buffer Overflow


Weakness Enumeration

Related Identifiers

BDU:2015-04128
BDU:2015-09751
CVE-2013-6369
DSA-2900-1
MGASA-2014-0174
OPENSUSE-SU-2024:10541-1
USN-2190-1

Affected Products

Jbig-Kit
Ubuntu