CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-3535

Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.06

EPSS Ranking 90.1%

CVSS Severity

CVSS v2 Score 6.8

References

http://code.google.com/p/openjpeg/issues/detail?id=170
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090021.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090579.html
http://osvdb.org/84978
http://rhn.redhat.com/errata/RHSA-2012-1283.html
http://secunia.com/advisories/50360
http://secunia.com/advisories/50681
http://www.mandriva.com/security/advisories?name=MDVSA-2012:157
http://www.openwall.com/lists/oss-security/2012/08/27/2
http://www.openwall.com/lists/oss-security/2012/08/27/3
http://www.securityfocus.com/bid/55214
https://bugzilla.redhat.com/show_bug.cgi?id=842918
https://exchange.xforce.ibmcloud.com/vulnerabilities/77994
http://code.google.com/p/openjpeg/issues/detail?id=170
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090021.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090579.html
http://osvdb.org/84978
http://rhn.redhat.com/errata/RHSA-2012-1283.html
http://secunia.com/advisories/50360
http://secunia.com/advisories/50681
http://www.mandriva.com/security/advisories?name=MDVSA-2012:157
http://www.openwall.com/lists/oss-security/2012/08/27/2
http://www.openwall.com/lists/oss-security/2012/08/27/3
http://www.securityfocus.com/bid/55214
https://bugzilla.redhat.com/show_bug.cgi?id=842918
https://exchange.xforce.ibmcloud.com/vulnerabilities/77994

Products affected by CVE-2012-3535

Uclouvain » Openjpeg » Version: N/A

cpe:2.3:a:uclouvain:openjpeg:-
Uclouvain » Openjpeg » Version: 1.0

cpe:2.3:a:uclouvain:openjpeg:1.0
Uclouvain » Openjpeg » Version: 1.1

cpe:2.3:a:uclouvain:openjpeg:1.1
Uclouvain » Openjpeg » Version: 1.2

cpe:2.3:a:uclouvain:openjpeg:1.2
Uclouvain » Openjpeg » Version: 1.3

cpe:2.3:a:uclouvain:openjpeg:1.3
Uclouvain » Openjpeg » Version: 1.4

cpe:2.3:a:uclouvain:openjpeg:1.4
Uclouvain » Openjpeg » Version: 1.5

cpe:2.3:a:uclouvain:openjpeg:1.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-3535

Products

Pricing

Contact Us