SB2017020208 - Multiple vulnerabilities in Dropbox lepton

Description

This security bulletin contains information about 5 secuirty vulnerabilities.

1) Input validation error (CVE-ID: CVE-2016-6234)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The process_file function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (crash) via a crafted jpeg file.

2) Resource management error (CVE-ID: CVE-2016-6235)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (segmentation fault) via a crafted jpeg file.

3) Out-of-bounds read (CVE-ID: CVE-2016-6236)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The setup_imginfo_jpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg file.

4) Out-of-bounds write (CVE-ID: CVE-2016-6237)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The build_huffcodes function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service (out-of-bounds write) via a crafted jpeg file.

5) Out-of-bounds read (CVE-ID: CVE-2016-6238)

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The write_ujpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service (out-of-bounds read) via a crafted jpeg file.

Remediation

Install update from vendor's website.

References

• http://www.openwall.com/lists/oss-security/2016/07/17/6
• https://github.com/dropbox/lepton/issues/26