Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2012-1499

Published: 11/04/2012 Updated: 09/09/2020
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Uclouvain

Vulnerability Summary

The JPEG 2000 codec (jp2.c) in OpenJPEG prior to 1.5 allows remote malicious users to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, aka "out-of heap-based buffer write."

Vulnerable Product Search on Vulmon Subscribe to Product

uclouvain openjpeg

uclouvain openjpeg 1.3

References

CWE-119http://openjpeg.googlecode.com/svn/branches/openjpeg-1.5/NEWShttp://technet.microsoft.com/en-us/security/msvr/msvr12-004http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082923.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=805912http://lists.fedoraproject.org/pipermail/package-announce/2012-June/083105.htmlhttp://security.gentoo.org/glsa/glsa-201206-06.xmlhttp://code.google.com/p/openjpeg/source/detail?r=1330http://www.securityfocus.com/bid/52654https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook