821 matches found
CVE-2018-4868
The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service excessive memory allocation via a crafted file...
[SECURITY] Fedora 27 Update: openjpeg2-2.2.0-3.fc27
The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profil e-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multi ple...
CVE-2017-14860
There is a heap-based buffer over-read in the Exiv2::Jp2Image::readMetadata function of jp2image.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack...
PYSEC-2017-133
There is a heap-based buffer over-read in the Exiv2::Jp2Image::readMetadata function of jp2image.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack...
[SECURITY] Fedora 26 Update: jasper-2.0.14-1.fc26
This package contains an implementation of the image compression standard JPEG-2000, Part 1. It consists of tools for conversion to and from the JP2 and JPC formats...
[SECURITY] Fedora 25 Update: openjpeg2-2.2.0-3.fc25
The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profil e-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multi ple...
[SECURITY] Fedora 25 Update: openjpeg2-2.2.0-2.fc25
The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profil e-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multi ple...
[SECURITY] Fedora 26 Update: openjpeg2-2.2.0-3.fc26
The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profil e-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multi ple...
[SECURITY] Fedora 26 Update: openjpeg2-2.2.0-2.fc26
The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains JPEG 2000 codec compliant with the Part 1 of the standard Class-1 Profil e-1 compliance. JP2 JPEG 2000 standard Part 2 - Handling of JP2 boxes and extended multi ple...
ALPINE-CVE-2017-14040
An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability may lead to remote denial of service or possibly unspecified other impact...
UBUNTU-CVE-2017-14040
An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability may lead to remote denial of service or possibly unspecified other impact...
CVE-2017-13145
In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash...
Denial Of Service (DoS)
ImageMagick is vulnerable to denial of service DoS attacks. The attacks are possible because it is possible to bypass the validation of channel geometry in the ReadJP2Image function in coders/jp2.c...
DEBIAN-CVE-2017-13145
In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash...
CVE-2017-13145
In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash...
CVE-2017-13145
In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash...
CVE-2017-13145
This CVE (CVE-2017-13145) affects ImageMagick’s JP2 coder ReadJP2Image in coders/jp2.c. The vulnerability stems from insufficient validation of channel geometry, which can cause a crash when processing JP2 images. Affected products/versions per the provided description: ImageMagick 6.x up to 6.9....
UBUNTU-CVE-2017-13145
In ImageMagick before 6.9.8-8 and 7.x before 7.0.5-9, the ReadJP2Image function in coders/jp2.c does not properly validate the channel geometry, leading to a crash...
Adobe Acrobat And Reader Memory Corruption (APSB17-24: CVE-2017-11226)
A memory corruption vulnerability exists in Adobe Acrobat And Reader. The vulnerability is due to an error in the image processing engine when processing JPEG 2000 JP2 code stream data. A remote attacker may exploit this vulnerability by using a crafted JP2 file that contains large values for til...
CVE-2017-11536
When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a Memory Leak in the WriteJP2Image function in coders/jp2.c...