Computer Security
[EN] securityvulns.ru no-pyccku


OpenJPEG library multiple security vulnerabilities
updated since 09.12.2013
Published:29.01.2014
Source:
SecurityVulns ID:13439
Type:library
Threat Level:
7/10
Description:Memory corruptions, buffer overflows, information leakage.
Affected:OPENJPEG : OpenJPEG 1.3
CVE:CVE-2013-6887 (OpenJPEG 1.5.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger NULL pointer dereferences, division-by-zero, and other errors.)
 CVE-2013-6054 (Heap-based buffer overflow in OpenJPEG 1.3 has unspecified impact and remote vectors, a different vulnerability than CVE-2013-6045.)
 CVE-2013-6053 (OpenJPEG 1.5.1 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds read.)
 CVE-2013-6052 (OpenJPEG 1.3 and earlier allows remote attackers to obtain sensitive information via unspecified vectors.)
 CVE-2013-6045 (Multiple heap-based buffer overflows in OpenJPEG 1.3 and earlier might allow remote attackers to execute arbitrary code via unspecified vectors.)
 CVE-2013-1447 (OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of service (memory consumption or crash) via unspecified vectors.)
Original documentdocumentMANDRIVA, [ MDVSA-2014:008 ] openjpeg (29.01.2014)
 documentDEBIAN, [SECURITY] [DSA 2808-1] openjpeg security update (09.12.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod