EUVD-2019-14749

Malware in sbrugna...

Kakadu Software SDK Code Issue Vulnerability

Kakadu Software SDK is a JPEG2000 software development kit SDK from Kakadu Software, an Australian company. A code issue vulnerability exists in Kakadu Software SDK version 7.9, which stems from a path traversal vulnerability. An attacker could use this vulnerability to access local and remote...

CVE-2019-5144

An exploitable heap underflow vulnerability exists in the derivetapsandgains function in kduv7ar.dll of Kakadu Software SDK 7.10.2. A specially crafted jp2 file can cause a heap overflow, which can result in remote code execution. An attacker could provide a malformed file to the victim to trigge...

CVE-2019-5144

An exploitable heap underflow vulnerability exists in the derivetapsandgains function in kduv7ar.dll of Kakadu Software SDK 7.10.2. A specially crafted jp2 file can cause a heap overflow, which can result in remote code execution. An attacker could provide a malformed file to the victim to trigge...

CVE-2019-5144

Kakadu Software SDK 7.10.2 contains a heap-based vulnerability in derive_taps_and_gains (kdu_v7ar.dll). The issue arises from a flawed interaction between allocate_floats and enlarge_work_buffers, which can cause a heap overflow when handling step_info_n, leading to potential remote code executio...

Kakadu Software SDK Numeric Error Vulnerability

Kakadu Software SDK is a set of JPEG2000 software development kits SDK from Kakadu Software, Australia. A numeric error vulnerability exists in the 'derivetapsandgains' function of the kduv7ar.dll file in version 7.10.2 of the Kakadu Software SDK, which arises from a networked system or product...

Vulnerability Spotlight: Kakadu Software SDK ATK marker code execution vulnerability

Aleksandar Nikolic and Emmanuel Tacheau of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw. Kakadu Software’s SDK contains an exploitable heap overflow. Kakadu serves as a framework for developers to create a variety of commercial and non-commercial applications. An attacker could...

Kakadu Software SDK ATK marker code execution vulnerability

Summary An exploitable heap underflow vulnerability exists in the derivetapsandgains function in kduv7ar.dll of Kakadu Software SDK 7.10.2. A specially crafted jp2 file can cause a heap overflow, which can result in remote code execution. An attacker could provide a malformed file to the victim t...

NewSouth Innovations Kakadu SDK Buffer Overflow Vulnerability (CNVD-2017-28778)

NewSouth Innovations Kakadu SDK is a JPEG2000 software development kit from NewSouth Innovations, Australia. A buffer overflow vulnerability exists in version 7.9 of the NewSouth Innovations Kakadu SDK, which originates when the program fails to properly perform bounds detection on user-submitted...

NewSouth Innovations Kakadu SDK Buffer Overflow Vulnerability

NewSouth Innovations Kakadu SDK is a JPEG2000 software development kit from NewSouth Innovations, Australia. A buffer overflow vulnerability exists in version 7.9 of the NewSouth Innovations Kakadu SDK, which originates when the program fails to properly perform bounds detection on user-submitted...