OpenJPEG 1.3 and previous versions allows remote malicious users to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds read.
Synopsis
Important: openjpeg security update
Type/Severity
Security Advisory: Important
Topic
Updated openjpeg packages that fix multiple security issues are nowavailable for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as havingimportant security impact Common Vulner ...
Several vulnerabilities have been discovered in OpenJPEG, a JPEG 2000
image library, that may lead to denial of service (CVE-2013-1447) via
application crash or high memory consumption, possible code execution
through heap buffer overflows (CVE-2013-6045), information disclosure
(CVE-2013-6052), or yet another heap buffer overflow that only appears ...
Multiple heap-based buffer overflow flaws were found in OpenJPEG An attacker could create a specially crafted OpenJPEG image that, when opened, could cause an application using openjpeg to crash or, possibly, execute arbitrary code with the privileges of the user running the application (CVE-2013-6045, CVE-2013-6054)
Multiple denial of service fl ...
OpenJPEG 13 and earlier allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds read ...