Lucene search

Veracode Vulnerability DatabaseVERACODE:11163

HistoryJan 15, 2019 - 8:57 a.m.

Denial Of Service (DoS)

2019-01-1508:57:51

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

JSON

openjpeg is vulnerable to denial of service (DoS) attacks. The vulnerability exists through a heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file.

CPENameOperatorVersion
openjpegeq1.3__8.el6_3
openjpegeq1.3__7.el6
openjpegeq1.3__8.el6_3
openjpegeq1.3__7.el6

Name	Operator	Version
openjpeg	eq	1.3__8.el6_3
openjpeg	eq	1.3__7.el6
openjpeg	eq	1.3__8.el6_3
openjpeg	eq	1.3__7.el6

References

code.google.com/p/openjpeg/issues/detail?id=170

lists.fedoraproject.org/pipermail/package-announce/2012-October/090021.html

lists.fedoraproject.org/pipermail/package-announce/2012-October/090579.html

osvdb.org/84978

rhn.redhat.com/errata/RHSA-2012-1283.html

secunia.com/advisories/50360

secunia.com/advisories/50681

www.mandriva.com/security/advisories?name=MDVSA-2012:157

www.openwall.com/lists/oss-security/2012/08/27/2

www.openwall.com/lists/oss-security/2012/08/27/3

www.securityfocus.com/bid/55214

access.redhat.com/errata/RHSA-2012:1283

access.redhat.com/security/cve/CVE-2012-3535

access.redhat.com/security/updates/classification/#important

bugzilla.redhat.com/show_bug.cgi?id=842918

exchange.xforce.ibmcloud.com/vulnerabilities/77994

rhn.redhat.com/errata/RHSA-2012-1283.html

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

JSON

Related for VERACODE:11163