Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:30262
HistoryJan 29, 2014 - 12:00 a.m.

[ MDVSA-2014:008 ] openjpeg

2014-01-2900:00:00
vulners.com
20
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mandriva Linux Security Advisory MDVSA-2014:008
http://www.mandriva.com/en/support/security/

Package : openjpeg
Date : January 17, 2014
Affected: Business Server 1.0

Problem Description:

Updated openjpeg package fixes security vulnerabilities:

Multiple heap-based buffer overflow flaws were found in OpenJPEG. An
attacker could create a specially crafted OpenJPEG image that,
when opened, could cause an application using openjpeg to crash or,
possibly, execute arbitrary code with the privileges of the user
running the application (CVE-2013-6045).

Multiple denial of service flaws were found in OpenJPEG. An attacker
could create a specially crafted OpenJPEG image that, when opened,
could cause an application using openjpeg to crash (CVE-2013-1447,
CVE-2013-6052, CVE-2013-6053, CVE-2013-6887).

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1447
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6045
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6052
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6887
http://advisories.mageia.org/MGASA-2014-0005.html

Updated Packages:

Mandriva Business Server 1/X86_64:
7c65bf19916467995c79153037836a3b mbs1/x86_64/lib64openjpeg1-1.5.0-2.2.mbs1.x86_64.rpm
f8e50deb18fd88c562e1bd8182ea1a24 mbs1/x86_64/lib64openjpeg-devel-1.5.0-2.2.mbs1.x86_64.rpm
8b946672728f9f76a285f927dddc0197 mbs1/x86_64/openjpeg-1.5.0-2.2.mbs1.x86_64.rpm
28d5b8097c427a1f50d0363241a34e6b mbs1/SRPMS/openjpeg-1.5.0-2.2.mbs1.src.rpm

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFS2P+YmqjQ0CJFipgRAjdWAKDAw3trdO1yQMauPGYTZdR3o7SnrQCgok7r
Ctu3agQ11HVzeJ71xY8Qo/8=
=ogxG
-----END PGP SIGNATURE-----

Related

openvas 35
fedora 11
nessus 28
mageia 1
securityvulns 2
gentoo 1
redhat 2
oraclelinux 1
veracode 3
osv 2
debian 2
centos 2
amazon 2
freebsd 1
cve 8
prion 8
ubuntucve 8
redhatcve 1
openvas
openvas
Fedora Update for mingw-openjpeg FEDORA-2013-24079
2014-01-06 00:00:00
Fedora Update for mingw-openjpeg FEDORA-2013-24059
2014-02-03 00:00:00
Fedora Update for openjpeg FEDORA-2014-12507
2014-10-15 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: openjpeg-1.5.1-8.fc19
2014-01-31 04:30:04
[SECURITY] Fedora 20 Update: mingw-openjpeg-1.5.1-7.fc20
2014-01-05 12:33:41
[SECURITY] Fedora 20 Update: openjpeg-1.5.1-8.fc20
2014-01-14 08:43:56
nessus
nessus
Mandriva Linux Security Advisory : openjpeg (MDVSA-2014:008)
2014-01-20 00:00:00
Fedora 19 : openjpeg-1.5.1-13.fc19 (2014-17053)
2015-01-05 00:00:00
Fedora 19 : openjpeg-1.5.1-8.fc19 (2014-0719)
2014-01-31 00:00:00
mageia
mageia
Updated openjpeg package fixes security vulnerabilities
2014-01-06 05:10:03
securityvulns
securityvulns
OpenJPEG library multiple security vulnerabilities
2014-01-29 00:00:00
[SECURITY] [DSA 2808-1] openjpeg security update
2013-12-09 00:00:00
gentoo
gentoo
OpenJPEG: Multiple vulnerabilities
2014-12-13 00:00:00
redhat
redhat
(RHSA-2013:1850) Important: openjpeg security update
2013-12-17 00:00:00
(RHSA-2017:0559) Moderate: openjpeg security update
2017-03-19 23:39:06
oraclelinux
oraclelinux
openjpeg security update
2013-12-17 00:00:00
veracode
veracode
Heap-based Buffer Over-read
2019-05-02 05:00:50
Heap-based Buffer Over-read
2019-05-02 05:00:50
Denial Of Service (DoS)
2019-01-15 08:53:49
osv
osv
openjpeg - regression update
2013-12-03 00:00:00
openjpeg - several
2013-12-03 00:00:00
debian
debian
[SECURITY] [DSA 2808-2] openjpeg regression update
2014-04-22 21:59:21
[SECURITY] [DSA 2808-1] openjpeg security update
2013-12-03 07:05:53
centos
centos
openjpeg security update
2013-12-17 19:00:24
openjpeg security update
2017-03-20 08:25:44
amazon
amazon
Important: openjpeg
2014-01-14 15:55:00
Medium: openjpeg
2017-03-22 16:00:00
freebsd
freebsd
openjpeg -- Multiple vulnerabilities
2012-05-13 00:00:00
cve
cve
CVE-2014-0158
2018-04-10 15:29:00
CVE-2013-6887
2014-04-27 20:55:00
CVE-2013-6045
2013-12-12 18:55:00
prion
prion
Heap overflow
2018-04-10 15:29:00
Null pointer dereference
2014-04-27 20:55:00
Heap overflow
2013-12-12 18:55:00
ubuntucve
ubuntucve
CVE-2014-0158
2018-04-10 00:00:00
CVE-2013-6887
2014-04-27 00:00:00
CVE-2013-6045
2013-12-12 00:00:00
redhatcve
redhatcve
CVE-2016-9675
2016-11-29 23:47:33
JSON
Related for SECURITYVULNS:DOC:30262
openvas35fedora11nessus28mageia1securityvulns2gentoo1redhat2oraclelinux1veracode3osv2debian2centos2amazon2freebsd1cve8prion8ubuntucve8redhatcve1