Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8158

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2014-8158
Last Modified 02 Apr 2015 09:59:30
Published 26 Jan 2015 10:59:09
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-8158

Summary

Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.

Vulnerable Systems

Operating System

  • Debian Linux 7.0

  • Novell Opensuse 13.1

  • Novell Opensuse 13.2

  • Redhat Enterprise Linux 6.0

  • Redhat Enterprise Linux 7.0

Application

  • Jasper Project Jasper 1.900.1


References

MISC - http://www.ocert.org/advisories/ocert-2015-001.html

REDHAT - RHSA-2015:0074

SECUNIA - 62765

SECUNIA - 62619

SECUNIA - 62615

SECUNIA - 62583

DEBIAN - DSA-3138

SUSE - openSUSE-SU-2015:0200

UBUNTU - USN-2483-2

UBUNTU - USN-2483-1

REDHAT - RHSA-2015:0698

MANDRIVA - MDVSA-2015:034

CONFIRM - http://advisories.mageia.org/MGASA-2015-0038.html

MANDRIVA - MDVSA-2015:159


Last Updated: 27 May 2016 11:08:15