Uclouvain: Security Vulnerabilities
Heap-based buffer overflow in OpenJPEG 1.3 has unspecified impact and remote vectors, a different vulnerability than CVE-2013-6045.
CVSS Score
7.5
EPSS Score
0.007
Published
2013-12-12
Multiple heap-based buffer overflows in OpenJPEG 1.3 and earlier might allow remote attackers to execute arbitrary code via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.063
Published
2013-12-12
OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of service (memory consumption or crash) via unspecified vectors related to NULL pointer dereferences, division-by-zero, and other errors.
CVSS Score
5.0
EPSS Score
0.008
Published
2013-12-12
Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file.
CVSS Score
6.8
EPSS Score
0.046
Published
2012-09-05
Multiple heap-based buffer overflows in the j2k_read_sot function in j2k.c in OpenJPEG 1.5 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted (1) tile number or (2) tile length in a JPEG 2000 image file.
CVSS Score
10.0
EPSS Score
0.045
Published
2012-07-18
The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile information in a Gray16 TIFF image, which causes insufficient memory to be allocated and leads to an "invalid free."
CVSS Score
6.8
EPSS Score
0.045
Published
2012-07-18
The JPEG 2000 codec (jp2.c) in OpenJPEG before 1.5 allows remote attackers to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, aka "out-of heap-based buffer write."
CVSS Score
9.3
EPSS Score
0.038
Published
2012-04-11
Page 8