Lucene search
Veracode Vulnerability DatabaseVERACODE:15427HistoryMay 02, 2019 - 5:00 a.m.
Heap-based Buffer Overflow
2019-05-0205:00:50
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.005 Low
EPSS
Percentile
77.0%
OpenJPEG is vulnerable to Heap-based Buffer Overflow. An attacker could create a specially crafted OpenJPEG image that, when opened, could cause an application using openjpeg to crash or, possibly, execute arbitrary code with the privileges of the user running the application.
| CPE | Name | Operator | Version |
|---|---|---|---|
| openjpeg | eq | 1.3__9.el6_3 | |
| openjpeg | eq | 1.3__8.el6_3 | |
| openjpeg | eq | 1.3__7.el6 |
References
openjpeg.googlecode.com/svn/tags/version.1.5.2/NEWS
osvdb.org/100639
rhn.redhat.com/errata/RHSA-2013-1850.html
seclists.org/oss-sec/2013/q4/412
www.debian.org/security/2013/dsa-2808
www.securityfocus.com/bid/64113
access.redhat.com/security/updates/classification/#important
rhn.redhat.com/errata/RHSA-2013-1850.html
Related
prion
prion
Heap overflow
2013-12-12 18:55:00
nvd
nvd
CVE-2013-6054
2013-12-12 18:55:16
cvelist
cvelist
CVE-2013-6054
2013-12-12 18:00:00
cve
cve
CVE-2013-6054
2013-12-12 18:55:16
ubuntucve
ubuntucve
CVE-2013-6054
2013-12-12 00:00:00
redhat
redhat
(RHSA-2013:1850) Important: openjpeg security update
2013-12-17 00:00:00
nessus
nessus
Amazon Linux AMI : openjpeg (ALAS-2014-271)
2014-02-05 00:00:00
Debian DSA-2808-1 : openjpeg - several vulnerabilities
2013-12-04 00:00:00
RHEL 6 : openjpeg (RHSA-2013:1850)
2013-12-18 00:00:00
openvas
openvas
CentOS Update for openjpeg CESA-2013:1850 centos6
2013-12-23 00:00:00
Amazon Linux: Security Advisory (ALAS-2014-271)
2015-09-08 00:00:00
Debian Security Advisory DSA 2808-1 (openjpeg - several vulnerabilities)
2013-12-03 00:00:00
debian
debian
[SECURITY] [DSA 2808-2] openjpeg regression update
2014-04-22 21:59:21
[SECURITY] [DSA 2808-1] openjpeg security update
2013-12-03 07:05:53
centos
centos
openjpeg security update
2013-12-17 19:00:24
amazon
amazon
Important: openjpeg
2014-01-14 15:55:00
osv
osv
openjpeg - several
2013-12-03 00:00:00
openjpeg - regression update
2013-12-03 00:00:00
veracode
veracode
Heap-based Buffer Over-read
2019-05-02 05:00:50
Heap-based Buffer Over-read
2019-05-02 05:00:50
securityvulns
securityvulns
[SECURITY] [DSA 2808-1] openjpeg security update
2013-12-09 00:00:00
OpenJPEG library multiple security vulnerabilities
2014-01-29 00:00:00
oraclelinux
oraclelinux
openjpeg security update
2013-12-17 00:00:00
gentoo
gentoo
OpenJPEG: Multiple vulnerabilities
2014-12-13 00:00:00
freebsd
freebsd
openjpeg -- Multiple vulnerabilities
2012-05-13 00:00:00