Lucene search

K

[email protected]NVD:CVE-2012-3358

HistoryJul 18, 2012 - 11:55 p.m.

CVE-2012-3358

2012-07-1823:55:03

CWE-119

[email protected]

web.nvd.nist.gov

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.098 Low

EPSS

Percentile

94.9%

Multiple heap-based buffer overflows in the j2k_read_sot function in j2k.c in OpenJPEG 1.5 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted (1) tile number or (2) tile length in a JPEG 2000 image file.

Affected configurations

NVD

Node

uclouvainopenjpegMatch1.5

References

code.google.com/p/openjpeg/source/detail?r=1727

osvdb.org/83741

rhn.redhat.com/errata/RHSA-2012-1068.html

secunia.com/advisories/49913

www.mandriva.com/security/advisories?name=MDVSA-2012:104

www.openwall.com/lists/oss-security/2012/07/11/1

www.securityfocus.com/bid/54373

exchange.xforce.ibmcloud.com/vulnerabilities/76850

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.098 Low

EPSS

Percentile

94.9%

Related for NVD:CVE-2012-3358

prion1 cvelist1 nessus11 cve1 ubuntucve1 openvas13 oraclelinux1 centos1 amazon1 veracode1 redhat1 securityvulns2 debian1 osv1 gentoo1 fedora1 freebsd1