Red Hat Customer Portal

Skip to main content

CVE-2013-6045

Multiple heap-based buffer overflows in OpenJPEG 1.3 and earlier might allow remote attackers to execute arbitrary code via unspecified vectors.

Details Source

Mitre

Public Date

2013-12-04 00:00:00

Impact

Important

Bugzilla

CVE-2013-6045 openjpeg: heap-based buffer overflows

Bugzilla ID

1 036 495

CVSS Status

verified

Base Score

6.80

Base Metrics

AV:N/AC:M/Au:N/C:P/I:P/A:P

Acknowledgements

Red Hat would like to thank Raphael Geissert for reporting these issues during a review for EDF.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 6 (openjpeg) RHSA-2013:1850 2013-12-17

CWE

CWE-122

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 7 openjpeg Not affected

CVSS3 Status

draft

CVSS3 Base Score

7.50

CVSS3 Base Metrics

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H