Computer Security
[EN] securityvulns.ru no-pyccku


jasper library multiple security vulnerabilities
updated since 08.12.2014
Published:25.01.2015
Source:
SecurityVulns ID:14137
Type:library
Threat Level:
6/10
Description:Buffer overflows in jpc_dec_cp_setfromcox() and jpc_dec_cp_setfromrgn() functions, double free(), heap buffer overflow.
Affected:JASPER : JasPer 1.900
CVE:CVE-2014-9029 (Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow.)
 CVE-2014-8158 (Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.)
 CVE-2014-8157 (Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.)
 CVE-2014-8138 (Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file.)
 CVE-2014-8137 (Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file.)
Original documentdocumentAndrea Barisani, [oCERT-2015-001] JasPer input sanitization errors (25.01.2015)
 documentAndrea Barisani, [oCERT-2014-012] JasPer input sanitization errors (22.12.2014)
 documentAndrea Barisani, [oCERT-2014-009] JasPer input sanitization errors (08.12.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod