CVE-2014-9029
jasper: incorrect component number check in COC, RGN and QCC marker segment decoders (oCERT-2014-009)
Public Exploits: 0
Exploited in Wild: -
Descriptions
Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow.
Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a manipulated jp2 file, which causes a heap-based buffer overflow.
Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code.
Josh Duart of the Google Security Team discovered heap-based buffer overflow flaws in JasPer, which could lead to denial of service or the execution of arbitrary code. A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. An off-by-one flaw, leading to a heap-based buffer overflow, was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. An unrestricted stack memory use flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code.
Timeline
- 2014-11-20 CVE Reserved
- 2014-12-04 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-28 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-122: Heap-based Buffer Overflow
- CWE-189: Numeric Errors
References (20)
URL | Tag | Source |
---|---|---|
http://advisories.mageia.org/MGASA-2014-0514.html | X_refsource_confirm | |
http://packetstormsecurity.com/files/129393/JasPer-1.900.1-Buffer-Overflow.html | X_refsource_misc | |
http://secunia.com/advisories/61747 | Third Party Advisory | |
http://secunia.com/advisories/62828 | Third Party Advisory | |
http://www.ocert.org/advisories/ocert-2014-009.html | Us Government Resource | |
http://www.openwall.com/lists/oss-security/2014/12/04/9 | Mailing List | |
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | X_refsource_confirm | |
http://www.securityfocus.com/archive/1/534153/100/0/threaded | Mailing List | |
http://www.securityfocus.com/bid/71476 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/99125 | Vdb Entry | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Jasper Project | Jasper | <= 1.900.1 | - | Affected |