Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
No history.
Information
Published : 2015-01-26 15:59
Updated : 2024-02-04 18:35
NVD link : CVE-2014-8157
Mitre link : CVE-2014-8157
CVE.ORG link : CVE-2014-8157
JSON object : View
Products Affected
debian
- debian_linux
jasper_project
- jasper
redhat
- enterprise_linux
opensuse
- opensuse
CWE
CWE-189
Numeric Errors