Candidate: CVE-2016-6238
PublicDate: 2017-02-02 16:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6238
 http://www.openwall.com/lists/oss-security/2016/07/17/6
Description:
 The write_ujpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows
 remote attackers to cause denial of service (out-of-bounds read) via a
 crafted jpeg file.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831814
Priority: medium
Discovered-by: Marco Grassi
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H [5.5 MEDIUM]

Patches_lepton:
upstream_lepton: needs-triage
precise_lepton: DNE
precise/esm_lepton: DNE
trusty_lepton: DNE
trusty/esm_lepton: DNE
vivid/stable-phone-overlay_lepton: DNE
vivid/ubuntu-core_lepton: DNE
wily_lepton: DNE
xenial_lepton: DNE
yakkety_lepton: ignored (reached end-of-life)
zesty_lepton: ignored (reached end-of-life)
artful_lepton: ignored (reached end-of-life)
bionic_lepton: not-affected (1.2.1-1)
cosmic_lepton: not-affected (1.2.1-1)
disco_lepton: not-affected (1.2.1-1)
devel_lepton: not-affected (1.2.1-1)