CVE-2013-6355
The Microsoft Graphics Component in Windows Server 2003 Service Pack 2, x64 Edition Service Pack 2, SP2 for Itanium-based Systems, Windows Vista Service pack 2 and x64 Edition Service Pack 2, Windows Server 2008 for 32-bit Systems Service Pack 2, x64-based Systems Service Pack 2, and Itanium-based Systems Service Pack 2, Windows 7 for 32-bit Systems Service Pack 1, and x64-based Systems Service Pack 1, Windows Server 2008 R2 for x64-based Systems Service Pack 1, and Itanium-based Systems Service Pack 1, Windows 8 and Windows 8.1 for 32-bit Systems and x64-based Systems, Windows Server 2012 and Windows Server 2012 R2, Windows RT and Windows RT 8.1, and the Server Core installation option for Windows Server 2008 for 32-bit Systems Service pack 2, Windows Server 2008 for x64-based Systems Service Pack 2, Windows Server 2008 R2 for x64-based Systems Service Pack 1, Windows Server 2012, and Windows Server 2012 R2 does not properly decode JPEG images in memory, which allows remote attackers to obtain sensitive information via a crafted JPEG.
Source: CVE-2013-6355