Lucene search
Ubuntu.comUB:CVE-2012-1499HistoryApr 11, 2012 - 12:00 a.m.
CVE-2012-1499
2012-04-1100:00:00
ubuntu.com
ubuntu.com
12
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.067 Low
EPSS
Percentile
93.9%
The JPEG 2000 codec (jp2.c) in OpenJPEG before 1.5 allows remote attackers
to execute arbitrary code via a crafted palette index in a CMAP record of a
JPEG image, which triggers memory corruption, aka “out-of heap-based buffer
write.”
Notes
| Author | Note |
|---|---|
| jdstrand | per Debian, code introduced after 1.3 |
Related
cve
cve
CVE-2012-1499
2012-04-11 10:39:26
gentoo
gentoo
OpenJPEG: User-assisted execution of arbitrary code
2012-06-21 00:00:00
openvas
openvas
OpenJPEG CMAP Record Parsing Vulnerability
2012-04-25 00:00:00
Gentoo Security Advisory GLSA 201206-06 (OpenJPEG)
2012-08-10 00:00:00
Gentoo Security Advisory GLSA 201206-06 (OpenJPEG)
2012-08-10 00:00:00
msvr
msvr
cvelist
cvelist
CVE-2012-1499
2012-04-11 10:00:00
nvd
nvd
CVE-2012-1499
2012-04-11 10:39:26
prion
prion
Heap overflow
2012-04-11 10:39:00
nessus
nessus
GLSA-201206-06 : OpenJPEG: User-assisted execution of arbitrary code
2012-06-21 00:00:00
Fedora 16 : openjpeg-1.4-13.fc16 (2012-9628)
2012-06-28 00:00:00
Fedora 17 : openjpeg-1.4-13.fc17 (2012-9602)
2012-06-28 00:00:00
fedora
fedora
[SECURITY] Fedora 16 Update: openjpeg-1.4-13.fc16
2012-06-28 03:21:19
[SECURITY] Fedora 17 Update: openjpeg-1.4-13.fc17
2012-06-28 03:53:37
[SECURITY] Fedora 16 Update: openjpeg-1.4-14.fc16
2012-10-23 01:51:32
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.067 Low
EPSS
Percentile
93.9%
Related for UB:CVE-2012-1499