PT-2022-7206 · Stb+2 · Stb+2
Nbickford-Nv
·
Published
2022-02-17
·
Updated
2022-05-10
·
CVE-2022-28048
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
STB version 2.27
Description
The issue is related to an integer shift of invalid size in the
stbi jpeg decode block prog ac component. This can allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service due to incorrect calculation.Recommendations
For STB version 2.27, consider updating to a newer version that addresses the integer shift issue in the
stbi jpeg decode block prog ac component.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Debian
Stb