7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
OpenJPEG is vulnerable to Heap-based Buffer Overflow. An attacker could create a specially crafted OpenJPEG image that, when opened, could cause an application using openjpeg to crash or, possibly, execute arbitrary code with the privileges of the user running the application.
CPE | Name | Operator | Version |
---|---|---|---|
openjpeg | eq | 1.3__9.el6_3 | |
openjpeg | eq | 1.3__8.el6_3 | |
openjpeg | eq | 1.3__7.el6 |
openjpeg.googlecode.com/svn/tags/version.1.5.2/NEWS
osvdb.org/100639
rhn.redhat.com/errata/RHSA-2013-1850.html
seclists.org/oss-sec/2013/q4/412
www.debian.org/security/2013/dsa-2808
www.securityfocus.com/bid/64113
access.redhat.com/security/updates/classification/#important
rhn.redhat.com/errata/RHSA-2013-1850.html