CVE-2017-14041

Published: 30/08/2017 Updated: 02/02/2021
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

A stack-based buffer overflow exists in the pgxtoimage function in bin/jp2/convert.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.

Vulnerable Product

uclouvain openjpeg 2.2.0

debian debian linux 8.0

debian debian linux 9.0

Vendor Advisories

Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression / decompression library, may result in denial of service or the execution of arbitrary code if a malformed JPEG 2000 file is processed. For the oldstable distribution (jessie), these problems have been fixed in version 2.1.0-2+deb8u3. For the stable distribution (stretch), these pr ...
Debian Bug report logs - #874115 openjpeg2: CVE-2017-14041: Stack-based buffer over-write in pgxtoimage function in bin/jp2/convert.c. Package: src:openjpeg2; Maintainer for src:openjpeg2 is Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> ...
Debian Bug report logs - #874431 openjpeg2: CVE-2017-14152: heap-based buffer overflow in opj_write_bytes_LE. Package: src:openjpeg2; Maintainer for src:openjpeg2 is Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Wed, 6 Sep 2017 ...
Debian Bug report logs - #874430 openjpeg2: CVE-2017-14151: heap-based buffer overflow in opj_mqc_flush. Package: src:openjpeg2; Maintainer for src:openjpeg2 is Debian PhotoTools Maintainers <pkg-phototools-devel@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Wed, 6 Sep 2017 04:5 ...
A stack-based buffer overflow was discovered in the pgxtoimage function in bin/jp2/convert.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution ...