ID CVE-2014-8138
Summary Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file.
References
Vulnerable Configurations
  • Red Hat Enterprise Linux 6.0
    cpe:2.3:o:redhat:enterprise_linux:6.0
  • Red Hat Enterprise Linux (RHEL) 7.0 (7)
    cpe:2.3:o:redhat:enterprise_linux:7.0
  • Jasper Project Jasper 1.900.1
    cpe:2.3:a:jasper_project:jasper:1.900.1
CVSS
Base: 7.5 (as of 09-01-2015 - 13:19)
Impact:
Exploitability:
CWE CWE-119
CAPEC
  • Buffer Overflow via Environment Variables
    This attack pattern involves causing a buffer overflow through manipulation of environment variables. Once the attacker finds that they can modify an environment variable, they may try to overflow associated buffers. This attack leverages implicit trust often placed in environment variables.
  • Overflow Buffers
    Buffer Overflow attacks target improper or missing bounds checking on buffer operations, typically triggered by input injected by an attacker. As a consequence, an attacker is able to write past the boundaries of allocated buffer regions in memory, causing a program crash or potentially redirection of execution as per the attackers' choice.
  • Client-side Injection-induced Buffer Overflow
    This type of attack exploits a buffer overflow vulnerability in targeted client software through injection of malicious content from a custom-built hostile service.
  • Filter Failure through Buffer Overflow
    In this attack, the idea is to cause an active filter to fail by causing an oversized transaction. An attacker may try to feed overly long input strings to the program in an attempt to overwhelm the filter (by causing a buffer overflow) and hoping that the filter does not fail securely (i.e. the user input is let into the system unfiltered).
  • MIME Conversion
    An attacker exploits a weakness in the MIME conversion routine to cause a buffer overflow and gain control over the mail server machine. The MIME system is designed to allow various different information formats to be interpreted and sent via e-mail. Attack points exist when data are converted to MIME compatible format and back.
  • Overflow Binary Resource File
    An attack of this type exploits a buffer overflow vulnerability in the handling of binary resources. Binary resources may include music files like MP3, image files like JPEG files, and any other binary file. These attacks may pass unnoticed to the client machine through normal usage of files, such as a browser loading a seemingly innocent JPEG file. This can allow the attacker access to the execution stack and execute arbitrary code in the target process. This attack pattern is a variant of standard buffer overflow attacks using an unexpected vector (binary files) to wrap its attack and open up a new attack vector. The attacker is required to either directly serve the binary content to the victim, or place it in a locale like a MP3 sharing application, for the victim to download. The attacker then is notified upon the download or otherwise locates the vulnerability opened up by the buffer overflow.
  • Buffer Overflow via Symbolic Links
    This type of attack leverages the use of symbolic links to cause buffer overflows. An attacker can try to create or manipulate a symbolic link file such that its contents result in out of bounds data. When the target software processes the symbolic link file, it could potentially overflow internal buffers with insufficient bounds checking.
  • Overflow Variables and Tags
    This type of attack leverages the use of tags or variables from a formatted configuration data to cause buffer overflow. The attacker crafts a malicious HTML page or configuration file that includes oversized strings, thus causing an overflow.
  • Buffer Overflow via Parameter Expansion
    In this attack, the target software is given input that the attacker knows will be modified and expanded in size during processing. This attack relies on the target software failing to anticipate that the expanded data may exceed some internal limit, thereby creating a buffer overflow.
  • Buffer Overflow in an API Call
    This attack targets libraries or shared code modules which are vulnerable to buffer overflow attacks. An attacker who has access to an API may try to embed malicious code in the API function call and exploit a buffer overflow vulnerability in the function's implementation. All clients that make use of the code library thus become vulnerable by association. This has a very broad effect on security across a system, usually affecting more than one software process.
  • Buffer Overflow in Local Command-Line Utilities
    This attack targets command-line utilities available in a number of shells. An attacker can leverage a vulnerability found in a command-line utility to escalate privilege to root.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-17274.NASL
    description Fixes for CVE-2014-8137 and CVE-2014-8138 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 80295
    published 2014-12-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80295
    title Fedora 20 : mingw-jasper-1.900.1-25.fc20 (2014-17274)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-1270.NASL
    description This update for jasper to version 1.900.14 fixes several issues. These security issues were fixed : - CVE-2008-3522: Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer might have allowed context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf (bsc#392410) - CVE-2015-5203: Double free corruption in JasPer JPEG-2000 implementation (bsc#941919). - CVE-2015-5221: Use-after-free (and double-free) in Jasper JPEG-200 (bsc#942553). - CVE-2016-1577: Double free vulnerability in the jas_iccattrval_destroy function in JasPer allowed remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137 (bsc#968373). - CVE-2016-2116: Memory leak in the jas_iccprof_createfrombuf function in JasPer allowed remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file (bsc#968373) - CVE-2016-8690: NULL pointer dereference in bmp_getdata triggered by crafted BMP image (bsc#1005084). - CVE-2016-8691, CVE-2016-8692: Missing range check on XRsiz and YRsiz fields of SIZ marker segment (bsc#1005090). - CVE-2016-8693: The memory stream interface allowed for a buffer size of zero. The case of a zero-sized buffer was not handled correctly, as it could lead to a double free (bsc#1005242). - CVE-2016-8880: Heap overflow in jpc_dec_cp_setfromcox() (bsc#1006591). - CVE-2016-8881: Heap overflow in jpc_getuint16() (bsc#1006593). - CVE-2016-8882: NULL pointer access in jpc_pi_destroy (bsc#1006597). - CVE-2016-8883: Assert triggered in jpc_dec_tiledecode() (bsc#1006598). - CVE-2016-8886: Memory allocation failure in jas_malloc (jas_malloc.c) (bsc#1006599). For additional change description please have a look at the changelog.
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 94601
    published 2016-11-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94601
    title openSUSE Security Update : jasper (openSUSE-2016-1270)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2483-1.NASL
    description Jose Duart discovered that JasPer incorrectly handled ICC color profiles in JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. (CVE-2014-8137) Jose Duart discovered that JasPer incorrectly decoded certain malformed JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. (CVE-2014-8138) It was discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. (CVE-2014-8157) It was discovered that JasPer incorrectly handled memory when processing JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. (CVE-2014-8158). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 81017
    published 2015-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81017
    title Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : jasper vulnerabilities (USN-2483-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3106.NASL
    description Jose Duart of the Google Security Team discovered a double free flaw (CVE-2014-8137 ) and a heap-based buffer overflow flaw (CVE-2014-8138 ) in JasPer, a library for manipulating JPEG-2000 files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 80126
    published 2014-12-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80126
    title Debian DSA-3106-1 : jasper - security update
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-17259.NASL
    description Fixes for CVE-2014-8137 and CVE-2014-8138 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 80292
    published 2014-12-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80292
    title Fedora 21 : mingw-jasper-1.900.1-25.fc21 (2014-17259)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-17270.NASL
    description Fixes for CVE-2014-8137 and CVE-2014-8138 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 80294
    published 2014-12-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80294
    title Fedora 19 : mingw-jasper-1.900.1-25.fc19 (2014-17270)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-12.NASL
    description The follow issues were fixed with this update : - CVE-2014-8137 double-free in jas_iccattrval_destroy()(bnc#909474) - CVE-2014-8138 heap overflow in jas_decode() (bnc#909475)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 80540
    published 2015-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80540
    title openSUSE Security Update : jasper (openSUSE-SU-2015:0038-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2015-0698.NASL
    description Updated rhevm-spice-client packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Virtualization Manager 3. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat Enterprise Virtualization Manager provides access to virtual machines using SPICE. These SPICE client packages provide the SPICE client and usbclerk service for both Windows 32-bit operating systems and Windows 64-bit operating systems. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123 Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8138, CVE-2014-8157, CVE-2014-8158, CVE-2014-9029, CVE-2014-8137, CVE-2011-4516, CVE-2011-4517, CVE-2008-3520, CVE-2008-3522) Red Hat would like to thank oCERT for reporting CVE-2014-8137, CVE-2014-8138, CVE-2014-8157, CVE-2014-8158, CVE-2014-9029, CVE-2011-4516, and CVE-2011-4517. oCERT acknowledges Jose Duart of the Google Security Team as the original reporter of CVE-2014-8137 and CVE-2014-8138; and pyddeh as the original reporter of CVE-2014-8157 and CVE-2014-8158. The mingw-openssl and mingw-jasper packages have been upgraded to the latest upstream version, which provides a number of bug fixes and enhancements over the previous version. (BZ#1187585) This update also fixes the following bugs : * Previously, a guest system installed with tools incorrectly always started in full screen mode, even when the 'Open in Full Screen' option was unchecked in console options. Now, when connecting in window mode with the option unchecked, the guest system starts in a window as expected. (BZ#1172126) * Prior to this update, copying and pasting of images from the client to the guest did not work when spice-gtk was built from upstream. Now, images can be copied and pasted without problems. (BZ#1187270) In addition, this update adds the following enhancement : * Administrators now have the option of automatic multiuser installation of virt-viewer onto many client workstations. (BZ#1187272) All rhevm-spice-client users are advised to upgrade to these updated packages, which correct these issues and add these enhancement.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 81969
    published 2015-03-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81969
    title RHEL 6 : rhevm-spice-client (RHSA-2015:0698) (POODLE)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2015-012.NASL
    description Updated jasper packages fix security vulnerabilities : A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code (CVE-2014-8137). A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code (CVE-2014-8138).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 80431
    published 2015-01-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80431
    title Mandriva Linux Security Advisory : jasper (MDVSA-2015:012)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2483-2.NASL
    description USN-2483-1 fixed vulnerabilities in JasPer. This update provides the corresponding fix for the JasPer library embedded in the Ghostscript package. Jose Duart discovered that JasPer incorrectly handled ICC color profiles in JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. (CVE-2014-8137) Jose Duart discovered that JasPer incorrectly decoded certain malformed JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. (CVE-2014-8138) It was discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. (CVE-2014-8157) It was discovered that JasPer incorrectly handled memory when processing JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. (CVE-2014-8158). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 81018
    published 2015-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81018
    title Ubuntu 10.04 LTS : ghostscript vulnerabilities (USN-2483-2)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2015-159.NASL
    description Updated jasper packages fix security vulnerabilities : Josh Duart of the Google Security Team discovered heap-based buffer overflow flaws in JasPer, which could lead to denial of service (application crash) or the execution of arbitrary code (CVE-2014-9029). A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code (CVE-2014-8137). A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code (CVE-2014-8138). An off-by-one flaw, leading to a heap-based buffer overflow, was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code (CVE-2014-8157). An unrestricted stack memory use flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code (CVE-2014-8158).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 82412
    published 2015-03-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82412
    title Mandriva Linux Security Advisory : jasper (MDVSA-2015:159)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-83.NASL
    description This update for jasper fixes the following issues : - CVE-2016-1867: Out-of-bounds Read could cause a crash (boo#961886)
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 88396
    published 2016-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88396
    title openSUSE Security Update : jasper (openSUSE-2016-83)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-11.NASL
    description The follow issues were fixed with this update : - CVE-2014-8137 double-free in jas_iccattrval_destroy()(bnc#909474) - CVE-2014-8138 heap overflow in jas_decode() (bnc#909475)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 80539
    published 2015-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80539
    title openSUSE Security Update : jasper (openSUSE-SU-2015:0042-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2015-14.NASL
    description The follow issues were fixed with this update : - CVE-2014-8137 double-free in jas_iccattrval_destroy()(bnc#909474) - CVE-2014-8138 heap overflow in jas_decode() (bnc#909475)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 80542
    published 2015-01-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80542
    title openSUSE Security Update : jasper (openSUSE-SU-2015:0039-1)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2014-0087.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2014-8137 - double-free in in jas_iccattrval_destroy (#1173566) - CVE-2014-8138 - heap overflow in jp2_decode (#1173566)
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 80280
    published 2014-12-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80280
    title OracleVM 3.3 : jasper (OVMSA-2014-0087)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_006E3B7CD7D711E5B85F0018FE623F2B.NASL
    description oCERT reports : The library is affected by a double-free vulnerability in function jas_iccattrval_destroy() as well as a heap-based buffer overflow in function jp2_decode(). A specially crafted jp2 file can be used to trigger the vulnerabilities. oCERT reports : The library is affected by an off-by-one error in a buffer boundary check in jpc_dec_process_sot(), leading to a heap based buffer overflow, as well as multiple unrestricted stack memory use issues in jpc_qmfb.c, leading to stack overflow. A specially crafted jp2 file can be used to trigger the vulnerabilities. oCERT reports : Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. limingxing reports : A vulnerability was found in the way the JasPer's jas_matrix_clip() function parses certain JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash.
    last seen 2019-02-21
    modified 2018-12-19
    plugin id 88875
    published 2016-02-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88875
    title FreeBSD : jasper -- multiple vulnerabilities (006e3b7c-d7d7-11e5-b85f-0018fe623f2b)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2015-1713.NASL
    description Updated rhev-hypervisor packages that fix multiple security issues, several bugs, and add various enhancements are now available. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. The rhev-hypervisor package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8138) A race condition flaw, leading to a heap-based memory corruption, was found in spice's worker_update_monitors_config() function, which runs under the QEMU-KVM context on the host. A user in a guest could leverage this flaw to crash the host QEMU-KVM process or, possibly, execute arbitrary code with the privileges of the host QEMU-KVM process. (CVE-2015-3247) A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8137) It was found that the idle timeout in the Red Hat Enterprise Virtualization Manager Web Admin interface failed to log out a session if a VM has been selected in the VM grid view. This could allow a local attacker to access the web interface if it was left unattended. (CVE-2015-1841) Red Hat would like to thank oCERT for reporting CVE-2014-8137 and CVE-2014-8138. oCERT acknowledges Jose Duart of the Google Security Team as the original reporter. The CVE-2015-3247 issue was discovered by Frediano Ziglio of Red Hat. The CVE-2015-1841 issue was discovered by Einav Cohen of Red Hat. This update also fixes the following bug : * Previously, installing the Red Hat Enterprise Virtualization Hypervisor 7 RPM on a Red Hat Enterprise Linux 6 host failed, because no such thing was available. Now, the Red Hat Enterprise Virtualization Hypervisor 7 RPM is available in the rhel-6-server-rhevh-rpms channel, and can be installed on a Red Hat Enterprise Linux 6 host. (BZ#1193678) In addition, this update adds the following enhancement : * With this release, the Red Hat Enterprise Virtualizaton Hypervisor now includes the drivers for the Dell Shared PERC8 RAID Controller. (BZ#1186582) Users of the Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 85999
    published 2015-09-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=85999
    title RHEL 6 : rhev-hypervisor (RHSA-2015:1713)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_JASPER-150203.NASL
    description This update for jasper fixes the following security issues : - Double free in jas_iccattrval_destroy(). Double call to free() allowed attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. (bsc#909474). (CVE-2014-8137) - Heap overflow in jas_decode(). This could be used to do an arbitrary write and could result in arbitrary code execution. (bsc#909475). (CVE-2014-8138) - Off-by-one error in the jpc_dec_process_sot(). Could allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow. (bsc#911837). (CVE-2014-8157) - Multiple stack-based buffer overflows in jpc_qmfb.c. Could allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image. (bsc#911837). (CVE-2014-8158)
    last seen 2019-02-21
    modified 2015-02-12
    plugin id 81311
    published 2015-02-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81311
    title SuSE 11.3 Security Update : jasper (SAT Patch Number 10261)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-121.NASL
    description Jose Duart of the Google Security Team discovered a double free flaw (CVE-2014-8137) and a heap-based buffer overflow flaw (CVE-2014-8138) in JasPer, a library for manipulating JPEG-2000 files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-06
    plugin id 82104
    published 2015-03-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82104
    title Debian DLA-121-1 : jasper security update
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2017-0102.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Bump release - Multiple security fixes (fixed by thoger): CVE-2015-5203 CVE-2015-5221 CVE-2016-1577 CVE-2016-1867 (CVE-2016-2089) CVE-2016-2116 CVE-2016-8654 CVE-2016-8690 CVE-2016-8691 (CVE-2016-8692) CVE-2016-8693 CVE-2016-8883 CVE-2016-8884 CVE-2016-8885 (CVE-2016-9262) CVE-2016-9387 CVE-2016-9388 CVE-2016-9389 CVE-2016-9390 (CVE-2016-9391) CVE-2016-9392 CVE-2016-9393 CVE-2016-9394 CVE-2016-9560 (CVE-2016-9583) CVE-2016-9591 CVE-2016-9600 CVE-2016-10248 CVE-2016-10249 (CVE-2016-10251) - Fix implicit declaration warning caused by security fixes above - CVE-2014-8157 - dec->numtiles off-by-one check in jpc_dec_process_sot (#1183672) - CVE-2014-8158 - unrestricted stack memory use in jpc_qmfb.c (#1183680) - CVE-2014-8137 - double-free in in jas_iccattrval_destroy (#1173567) - CVE-2014-8138 - heap overflow in jp2_decode (#1173567) - CVE-2014-9029 - incorrect component number check in COC, RGN and QCC marker segment decoders (#1171209)
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 100116
    published 2017-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100116
    title OracleVM 3.3 / 3.4 : jasper (OVMSA-2017-0102)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-2021.NASL
    description Updated jasper packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-9029) A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8138) A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8137) Red Hat would like to thank oCERT for reporting these issues. oCERT acknowledges Jose Duart of the Google Security Team as the original reporter. All JasPer users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All applications using the JasPer libraries must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2014-12-19
    plugin id 80115
    published 2014-12-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80115
    title RHEL 6 / 7 : jasper (RHSA-2014:2021)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-2021.NASL
    description From Red Hat Security Advisory 2014:2021 : Updated jasper packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-9029) A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8138) A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8137) Red Hat would like to thank oCERT for reporting these issues. oCERT acknowledges Jose Duart of the Google Security Team as the original reporter. All JasPer users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All applications using the JasPer libraries must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 80113
    published 2014-12-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80113
    title Oracle Linux 6 / 7 : jasper (ELSA-2014-2021)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2015-0006.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2014-8157 - dec->numtiles off-by-one check in jpc_dec_process_sot (#1183671) - CVE-2014-8158 - unrestricted stack memory use in jpc_qmfb.c (#1183679) - CVE-2014-8137 - double-free in in jas_iccattrval_destroy (#1173566) - CVE-2014-8138 - heap overflow in jp2_decode (#1173566) - CVE-2014-9029 - incorrect component number check in COC, RGN and QCC marker segment decoders (#1171208)
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 81012
    published 2015-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81012
    title OracleVM 3.3 : jasper (OVMSA-2015-0006)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20141218_JASPER_ON_SL6_X.NASL
    description Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-9029) A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8138) A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8137) All applications using the JasPer libraries must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 80117
    published 2014-12-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80117
    title Scientific Linux Security Update : jasper on SL6.x, SL7.x i386/x86_64
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2015-302-02.NASL
    description New jasper packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 86663
    published 2015-10-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86663
    title Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : jasper (SSA:2015-302-02)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-16465.NASL
    description Fixes various flaws: CVE-2014-9029, CVE-2014-8138, CVE-2014-8137 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 80367
    published 2015-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80367
    title Fedora 19 : jasper-1.900.1-26.fc19 (2014-16465)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201503-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-201503-01 (JasPer: Multiple Vulnerabilities) Multiple vulnerabilities have been discovered in JasPer. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted file using JasPer, possibly resulting in execution of arbitrary code. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2015-04-13
    plugin id 81686
    published 2015-03-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81686
    title GLSA-201503-01 : JasPer: Multiple Vulnerabilities
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-2021.NASL
    description Updated jasper packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-9029) A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8138) A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8137) Red Hat would like to thank oCERT for reporting these issues. oCERT acknowledges Jose Duart of the Google Security Team as the original reporter. All JasPer users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All applications using the JasPer libraries must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 80107
    published 2014-12-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80107
    title CentOS 6 / 7 : jasper (CESA-2014:2021)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-16292.NASL
    description Fixes various flaws: CVE-2014-9029, CVE-2014-8138, CVE-2014-8137 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 80365
    published 2015-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80365
    title Fedora 21 : jasper-1.900.1-29.fc21 (2014-16292)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2015-466.NASL
    description Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-9029) A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8138) A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8137)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 80417
    published 2015-01-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80417
    title Amazon Linux AMI : jasper (ALAS-2015-466)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-16349.NASL
    description Fixes various flaws: CVE-2014-9029, CVE-2014-8138, CVE-2014-8137 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 80366
    published 2015-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80366
    title Fedora 20 : jasper-1.900.1-27.fc20 (2014-16349)
redhat via4
advisories
  • rhsa
    id RHSA-2014:2021
  • rhsa
    id RHSA-2015:0698
  • rhsa
    id RHSA-2015:1713
rpms
  • jasper-0:1.900.1-26.el7_0.2
  • jasper-devel-0:1.900.1-26.el7_0.2
  • jasper-libs-0:1.900.1-26.el7_0.2
  • jasper-utils-0:1.900.1-26.el7_0.2
  • jasper-0:1.900.1-16.el6_6.2
  • jasper-devel-0:1.900.1-16.el6_6.2
  • jasper-libs-0:1.900.1-16.el6_6.2
  • jasper-utils-0:1.900.1-16.el6_6.2
refmap via4
bid 71746
confirm http://advisories.mageia.org/MGASA-2014-0539.html
debian DSA-3106
mandriva
  • MDVSA-2015:012
  • MDVSA-2015:159
misc
sectrack 1033459
secunia
  • 61747
  • 62311
  • 62615
  • 62619
slackware SSA:2015-302-02
suse
  • openSUSE-SU-2015:0038
  • openSUSE-SU-2015:0039
  • openSUSE-SU-2015:0042
ubuntu
  • USN-2483-1
  • USN-2483-2
Last major update 06-12-2016 - 22:01
Published 24-12-2014 - 13:59
Last modified 04-01-2018 - 21:29
Back to Top