jpegoptim.c in jpegoptim 1.4.5 (fixed in 1.4.6) has an invalid use of realloc() and free(), which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Jpegoptim | Jpegoptim_project | 1.4.5 | 1.4.5 |