Информационная безопасность
[RU] switch to English


Уязвимости безопасности в библиотеке openjpeg
дополнено с 16 июля 2012 г.
Опубликовано:2 марта 2013 г.
Источник:
SecurityVulns ID:12476
Тип:библиотека
Уровень опасности:
6/10
Описание:Уязвимости при кодировании и декодировании jpeg
Затронутые продукты:OPENJPEG : OpenJPEG 1.3
CVE:CVE-2012-3535 (Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file.)
 CVE-2012-3358 (Multiple heap-based buffer overflows in the j2k_read_sot function in j2k.c in OpenJPEG 1.5 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted (1) tile number or (2) tile length in a JPEG 2000 image file.)
 CVE-2009-5030 (The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile information in a Gray16 TIFF image, which causes insufficient memory to be allocated and leads to an "invalid free.")
Оригинальный текстdocumentMANDRIVA, [ MDVSA-2012:104 ] openjpeg (16.07.2012)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород