Lucene search

Veracode Vulnerability DatabaseVERACODE:15427

HistoryMay 02, 2019 - 5:00 a.m.

Heap-based Buffer Overflow

2019-05-0205:00:50

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

OpenJPEG is vulnerable to Heap-based Buffer Overflow. An attacker could create a specially crafted OpenJPEG image that, when opened, could cause an application using openjpeg to crash or, possibly, execute arbitrary code with the privileges of the user running the application.

CPENameOperatorVersion
openjpegeq1.3__9.el6_3
openjpegeq1.3__8.el6_3
openjpegeq1.3__7.el6

Name	Operator	Version
openjpeg	eq	1.3__9.el6_3
openjpeg	eq	1.3__8.el6_3
openjpeg	eq	1.3__7.el6

References

openjpeg.googlecode.com/svn/tags/version.1.5.2/NEWS

osvdb.org/100639

rhn.redhat.com/errata/RHSA-2013-1850.html

seclists.org/oss-sec/2013/q4/412

www.debian.org/security/2013/dsa-2808

www.securityfocus.com/bid/64113

access.redhat.com/security/updates/classification/#important

rhn.redhat.com/errata/RHSA-2013-1850.html

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

JSON

Related for VERACODE:15427