Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3535

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2012-3535
Last Modified 04 Apr 2013 11:12:21
Published 05 Sep 2012 07:55:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2012-3535

Summary

Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file.

Vulnerable Systems

Application

  • Openjpeg 1.3

  • Openjpeg 1.4

  • Openjpeg 1.5


References

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=842918

XF - openjpeg-files-bo(77994)

BID - 55214

MLIST - [oss-security] 20120827 Re: CVE Request: Heap-based buffer overflow in openjpeg

MLIST - [oss-security] 20120827 CVE Request: Heap-based buffer overflow in openjpeg

SECUNIA - 50360

OSVDB - 84978

MISC - http://code.google.com/p/openjpeg/issues/detail?id=170

REDHAT - RHSA-2012:1283

SECUNIA - 50681

MANDRIVA - MDVSA-2012:157

FEDORA - FEDORA-2012-14707

FEDORA - FEDORA-2012-14664


Last Updated: 27 May 2016 11:00:29