ID CVE-2013-1447
Summary OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of service (memory consumption or crash) via unspecified vectors related to NULL pointer dereferences, division-by-zero, and other errors.
References
Vulnerable Configurations
  • cpe:2.3:a:openjpeg:openjpeg:-:*:*:*:*:*:*:*
    cpe:2.3:a:openjpeg:openjpeg:-:*:*:*:*:*:*:*
  • cpe:2.3:a:openjpeg:openjpeg:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:openjpeg:openjpeg:1.3:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 05-05-2014 - 05:20)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
redhat via4
advisories
rhsa
id RHSA-2013:1850
rpms
  • openjpeg-0:1.3-10.el6_5
  • openjpeg-devel-0:1.3-10.el6_5
  • openjpeg-libs-0:1.3-10.el6_5
refmap via4
bid 64142
confirm http://openjpeg.googlecode.com/svn/tags/version.1.5.2/NEWS
debian DSA-2808
mlist [oss-security] 20131204 Fwd: [vs] multiple issues in openjpeg
Last major update 05-05-2014 - 05:20
Published 12-12-2013 - 18:55
Back to Top