Описание
Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file.
A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | netpbm | Will not fix | ||
| Red Hat Enterprise Linux 6 | jasper | Fixed | RHSA-2014:2021 | 18.12.2014 |
| Red Hat Enterprise Linux 7 | jasper | Fixed | RHSA-2014:2021 | 18.12.2014 |
| RHEV 3.X Hypervisor and Agents for RHEL-6 | rhev-hypervisor6 | Fixed | RHSA-2015:1713 | 03.09.2015 |
| RHEV 3.X Hypervisor and Agents for RHEL-6 | rhev-hypervisor7 | Fixed | RHSA-2015:1713 | 03.09.2015 |
| RHEV 3.X Hypervisor and Agents for RHEL-7 | rhev-hypervisor7 | Fixed | RHSA-2015:1713 | 03.09.2015 |
| RHEV Manager version 3.5 | spice-client-msi | Fixed | RHSA-2015:0698 | 18.03.2015 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file.
Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file.
Heap-based buffer overflow in the jp2_decode function in JasPer 1.900. ...
Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file.
EPSS
6.8 Medium
CVSS2