Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2009-5030
HistoryJul 18, 2012 - 10:55 p.m.

CVE-2009-5030

2012-07-1822:55:03
CWE-119
[email protected]
web.nvd.nist.gov
39
openjpeg
tcd_free_encode
denial of service
memory corruption
cve-2009-5030

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.045 Low

EPSS

Percentile

92.5%

JSON

The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile information in a Gray16 TIFF image, which causes insufficient memory to be allocated and leads to an “invalid free.”

Affected configurations

NVD
Node
uclouvainopenjpegMatch1.3
OR
uclouvainopenjpegMatch1.4
OR
uclouvainopenjpegMatch1.5

Related

ubuntucve 1
veracode 2
nvd 1
prion 1
cvelist 1
nessus 11
openvas 21
fedora 5
securityvulns 2
redhat 1
oraclelinux 1
centos 1
amazon 1
gentoo 1
debian 1
osv 1
ubuntucve
ubuntucve
CVE-2009-5030
2012-07-18 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:54:17
Denial Of Service (DoS) And Remote Code Execution (RCE)
2019-05-02 04:42:21
nvd
nvd
CVE-2009-5030
2012-07-18 22:55:03
prion
prion
Memory corruption
2012-07-18 22:55:00
cvelist
cvelist
CVE-2009-5030
2012-07-18 22:00:00
nessus
nessus
Mandriva Linux Security Advisory : openjpeg (MDVSA-2012:104)
2012-08-16 00:00:00
Amazon Linux AMI : openjpeg (ALAS-2012-111)
2013-09-04 00:00:00
Scientific Linux Security Update : openjpeg on SL6.x i386/x86_64 (20120711)
2012-08-01 00:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2012-111)
2015-09-08 00:00:00
Oracle: Security Advisory (ELSA-2012-1068)
2015-10-06 00:00:00
RedHat Update for openjpeg RHSA-2012:1068-01
2012-07-16 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: openjpeg-1.4-13.fc17
2012-06-28 03:53:37
[SECURITY] Fedora 16 Update: openjpeg-1.4-13.fc16
2012-06-28 03:21:19
[SECURITY] Fedora 17 Update: openjpeg-1.4-14.fc17
2012-11-02 03:18:21
securityvulns
securityvulns
[ MDVSA-2012:104 ] openjpeg
2012-07-16 00:00:00
openjpeg library security vulnerabilities
2013-03-02 00:00:00
redhat
redhat
(RHSA-2012:1068) Important: openjpeg security update
2012-07-11 00:00:00
oraclelinux
oraclelinux
openjpeg security update
2012-07-11 00:00:00
centos
centos
openjpeg security update
2012-07-11 20:43:18
amazon
amazon
Important: openjpeg
2012-07-30 16:35:00
gentoo
gentoo
OpenJPEG: User-assisted execution of arbitrary code
2013-10-10 00:00:00
debian
debian
[SECURITY] [DSA 2629-1] openjpeg security update
2013-02-25 19:07:06
osv
osv
openjpeg - several issues
2013-02-25 00:00:00

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.4 High

AI Score

Confidence

Low

0.045 Low

EPSS

Percentile

92.5%

JSON
Related for CVE-2009-5030
ubuntucve1veracode2nvd1prion1cvelist1nessus11openvas21fedora5securityvulns2redhat1oraclelinux1centos1amazon1gentoo1debian1osv1