Lucene search
Gentoo FoundationGLSA-201206-06HistoryJun 21, 2012 - 12:00 a.m.
OpenJPEG: User-assisted execution of arbitrary code
2012-06-2100:00:00
Gentoo Foundation
security.gentoo.org
11
0.067 Low
EPSS
Percentile
93.8%
Background
OpenJPEG is an open-source JPEG 2000 library.
Description
An error in jp2.c of OpenJPEG could allow an out-of-bounds write error.
Impact
A remote attacker could entice a user to open a specially crafted JPEG file, possibly resulting in execution of arbitrary code or a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All OpenJPEG users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=media-libs/openjpeg-1.5.0"
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Gentoo | any | all | media-libs/openjpeg | < 1.5.0 | UNKNOWN |
Related
msvr
msvr
openvas
openvas
OpenJPEG CMAP Record Parsing Vulnerability
2012-04-25 00:00:00
Gentoo Security Advisory GLSA 201206-06 (OpenJPEG)
2012-08-10 00:00:00
Gentoo Security Advisory GLSA 201206-06 (OpenJPEG)
2012-08-10 00:00:00
cvelist
cvelist
CVE-2012-1499
2012-04-11 10:00:00
ubuntucve
ubuntucve
CVE-2012-1499
2012-04-11 00:00:00
cve
cve
CVE-2012-1499
2012-04-11 10:39:00
nessus
nessus
GLSA-201206-06 : OpenJPEG: User-assisted execution of arbitrary code
2012-06-21 00:00:00
Fedora 16 : openjpeg-1.4-13.fc16 (2012-9628)
2012-06-28 00:00:00
Fedora 17 : openjpeg-1.4-13.fc17 (2012-9602)
2012-06-28 00:00:00
prion
prion
Heap overflow
2012-04-11 10:39:00
fedora
fedora
[SECURITY] Fedora 17 Update: openjpeg-1.4-13.fc17
2012-06-28 03:53:37
[SECURITY] Fedora 16 Update: openjpeg-1.4-13.fc16
2012-06-28 03:21:19
[SECURITY] Fedora 16 Update: openjpeg-1.4-14.fc16
2012-10-23 01:51:32