Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-8157

Опубликовано: 26 янв. 2015
Источник: nvd
CVSS2: 7.5
EPSS Низкий

Описание

Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Конфигурация 4
cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*
Версия до 1.900.1 (включая)

EPSS

Процентиль: 90%
0.05895
Низкий

7.5 High

CVSS2

Дефекты

CWE-189

Связанные уязвимости

ubuntu логотип

CVE-2014-8157

ubuntu
больше 10 лет назад

Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.

redhat логотип

CVE-2014-8157

redhat
больше 10 лет назад

Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.

debian логотип

CVE-2014-8157

debian
больше 10 лет назад

Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 ...

github логотип

GHSA-h547-hw4v-2v53

github
больше 3 лет назад

Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.

suse-cvrf логотип

SUSE-SU-2015:0288-1

suse-cvrf
больше 10 лет назад

Security update for jasper

EPSS

Процентиль: 90%
0.05895
Низкий

7.5 High

CVSS2

Дефекты

CWE-189