You are here

CVE-2012-3358

Vincent (CVE) Danen's picture
Multiple heap-based buffer overflows in the j2k_read_sot function in j2k.c in OpenJPEG 1.5 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted (1) tile number or (2) tile length in a JPEG 2000 image file.

Details Source

Mitre

Public Date

2012-07-10 00:00:00

Impact

Important

Bugzilla

CVE-2012-3358 openjpeg: heap-based buffer overflow when processing JPEG2000 image files

Bugzilla ID

835 767

CVSS Status

verified

Base Score

6.80

Base Metrics

AV:N/AC:M/Au:N/C:P/I:P/A:P

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 6 (openjpeg) RHSA-2012:1068 2012-07-11

CWE

CWE-122