ID CVE-2014-9029
Summary Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow.
References
Vulnerable Configurations
  • Jasper Project Jasper 1.900.1
    cpe:2.3:a:jasper_project:jasper:1.900.1
CVSS
Base: 7.5 (as of 09-01-2015 - 13:50)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2014-247.NASL
    description Updated jasper packages fix security vulnerability : Josh Duart of the Google Security Team discovered heap-based buffer overflow flaws in JasPer, which could lead to denial of service (application crash) or the execution of arbitrary code (CVE-2014-9029).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 79992
    published 2014-12-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79992
    title Mandriva Linux Security Advisory : jasper (MDVSA-2014:247)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3089.NASL
    description Jose Duart of the Google Security Team discovered heap-based buffer overflow flaws in JasPer, a library for manipulating JPEG-2000 files, which could lead to denial of service (application crash) or the execution of arbitrary code.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 79730
    published 2014-12-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79730
    title Debian DSA-3089-1 : jasper - security update
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-1270.NASL
    description This update for jasper to version 1.900.14 fixes several issues. These security issues were fixed : - CVE-2008-3522: Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer might have allowed context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf (bsc#392410) - CVE-2015-5203: Double free corruption in JasPer JPEG-2000 implementation (bsc#941919). - CVE-2015-5221: Use-after-free (and double-free) in Jasper JPEG-200 (bsc#942553). - CVE-2016-1577: Double free vulnerability in the jas_iccattrval_destroy function in JasPer allowed remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137 (bsc#968373). - CVE-2016-2116: Memory leak in the jas_iccprof_createfrombuf function in JasPer allowed remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file (bsc#968373) - CVE-2016-8690: NULL pointer dereference in bmp_getdata triggered by crafted BMP image (bsc#1005084). - CVE-2016-8691, CVE-2016-8692: Missing range check on XRsiz and YRsiz fields of SIZ marker segment (bsc#1005090). - CVE-2016-8693: The memory stream interface allowed for a buffer size of zero. The case of a zero-sized buffer was not handled correctly, as it could lead to a double free (bsc#1005242). - CVE-2016-8880: Heap overflow in jpc_dec_cp_setfromcox() (bsc#1006591). - CVE-2016-8881: Heap overflow in jpc_getuint16() (bsc#1006593). - CVE-2016-8882: NULL pointer access in jpc_pi_destroy (bsc#1006597). - CVE-2016-8883: Assert triggered in jpc_dec_tiledecode() (bsc#1006598). - CVE-2016-8886: Memory allocation failure in jas_malloc (jas_malloc.c) (bsc#1006599). For additional change description please have a look at the changelog.
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 94601
    published 2016-11-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94601
    title openSUSE Security Update : jasper (openSUSE-2016-1270)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2014-781.NASL
    description jasper was updated to fix one security issue. This security issue was fixed : - Heap overflows in libjasper (CVE-2014-9029).
    last seen 2018-11-13
    modified 2018-11-10
    plugin id 80053
    published 2014-12-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80053
    title openSUSE Security Update : jasper (openSUSE-SU-2014:1644-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2015-0698.NASL
    description Updated rhevm-spice-client packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Virtualization Manager 3. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Red Hat Enterprise Virtualization Manager provides access to virtual machines using SPICE. These SPICE client packages provide the SPICE client and usbclerk service for both Windows 32-bit operating systems and Windows 64-bit operating systems. This update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails. This can prevent a forceful downgrade of the communication to SSL 3.0. The SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication. For additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123 Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8138, CVE-2014-8157, CVE-2014-8158, CVE-2014-9029, CVE-2014-8137, CVE-2011-4516, CVE-2011-4517, CVE-2008-3520, CVE-2008-3522) Red Hat would like to thank oCERT for reporting CVE-2014-8137, CVE-2014-8138, CVE-2014-8157, CVE-2014-8158, CVE-2014-9029, CVE-2011-4516, and CVE-2011-4517. oCERT acknowledges Jose Duart of the Google Security Team as the original reporter of CVE-2014-8137 and CVE-2014-8138; and pyddeh as the original reporter of CVE-2014-8157 and CVE-2014-8158. The mingw-openssl and mingw-jasper packages have been upgraded to the latest upstream version, which provides a number of bug fixes and enhancements over the previous version. (BZ#1187585) This update also fixes the following bugs : * Previously, a guest system installed with tools incorrectly always started in full screen mode, even when the 'Open in Full Screen' option was unchecked in console options. Now, when connecting in window mode with the option unchecked, the guest system starts in a window as expected. (BZ#1172126) * Prior to this update, copying and pasting of images from the client to the guest did not work when spice-gtk was built from upstream. Now, images can be copied and pasted without problems. (BZ#1187270) In addition, this update adds the following enhancement : * Administrators now have the option of automatic multiuser installation of virt-viewer onto many client workstations. (BZ#1187272) All rhevm-spice-client users are advised to upgrade to these updated packages, which correct these issues and add these enhancement.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 81969
    published 2015-03-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81969
    title RHEL 6 : rhevm-spice-client (RHSA-2015:0698) (POODLE)
  • NASL family Mandriva Local Security Checks
    NASL id MANDRIVA_MDVSA-2015-159.NASL
    description Updated jasper packages fix security vulnerabilities : Josh Duart of the Google Security Team discovered heap-based buffer overflow flaws in JasPer, which could lead to denial of service (application crash) or the execution of arbitrary code (CVE-2014-9029). A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code (CVE-2014-8137). A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code (CVE-2014-8138). An off-by-one flaw, leading to a heap-based buffer overflow, was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code (CVE-2014-8157). An unrestricted stack memory use flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code (CVE-2014-8158).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 82412
    published 2015-03-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82412
    title Mandriva Linux Security Advisory : jasper (MDVSA-2015:159)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2434-1.NASL
    description Jose Duart discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 79823
    published 2014-12-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79823
    title Ubuntu 12.04 LTS / 14.04 LTS / 14.10 : jasper vulnerability (USN-2434-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2434-2.NASL
    description USN-2434-1 fixed a vulnerability in JasPer. This update provides the corresponding fix for the JasPer library embedded in the Ghostscript package. Jose Duart discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 79824
    published 2014-12-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=79824
    title Ubuntu 10.04 LTS : ghostscript vulnerability (USN-2434-2)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-101.NASL
    description Josh Duart of the Google Security Team discovered heap-based buffer overflow flaws in JasPer, a library for manipulating JPEG-2000 files, which could lead to denial of service (application crash) or the execution of arbitrary code. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-06
    plugin id 82085
    published 2015-03-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=82085
    title Debian DLA-101-1 : jasper security update
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_006E3B7CD7D711E5B85F0018FE623F2B.NASL
    description oCERT reports : The library is affected by a double-free vulnerability in function jas_iccattrval_destroy() as well as a heap-based buffer overflow in function jp2_decode(). A specially crafted jp2 file can be used to trigger the vulnerabilities. oCERT reports : The library is affected by an off-by-one error in a buffer boundary check in jpc_dec_process_sot(), leading to a heap based buffer overflow, as well as multiple unrestricted stack memory use issues in jpc_qmfb.c, leading to stack overflow. A specially crafted jp2 file can be used to trigger the vulnerabilities. oCERT reports : Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. limingxing reports : A vulnerability was found in the way the JasPer's jas_matrix_clip() function parses certain JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash.
    last seen 2019-02-21
    modified 2018-12-19
    plugin id 88875
    published 2016-02-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=88875
    title FreeBSD : jasper -- multiple vulnerabilities (006e3b7c-d7d7-11e5-b85f-0018fe623f2b)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_LIBJASPER-141204.NASL
    description This update for libjasper fixes multiple off-by-one errors which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow triggered by a crafted jp2 (JPEG 2000) file. (bsc#906364, CVE-2014-9029)
    last seen 2019-02-21
    modified 2015-02-04
    plugin id 81161
    published 2015-02-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81161
    title SuSE 11.3 Security Update : libjasper (SAT Patch Number 10072)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-17032.NASL
    description Add patches for all current CVEs. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 80068
    published 2014-12-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80068
    title Fedora 19 : mingw-jasper-1.900.1-24.fc19 (2014-17032)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2017-0102.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Bump release - Multiple security fixes (fixed by thoger): CVE-2015-5203 CVE-2015-5221 CVE-2016-1577 CVE-2016-1867 (CVE-2016-2089) CVE-2016-2116 CVE-2016-8654 CVE-2016-8690 CVE-2016-8691 (CVE-2016-8692) CVE-2016-8693 CVE-2016-8883 CVE-2016-8884 CVE-2016-8885 (CVE-2016-9262) CVE-2016-9387 CVE-2016-9388 CVE-2016-9389 CVE-2016-9390 (CVE-2016-9391) CVE-2016-9392 CVE-2016-9393 CVE-2016-9394 CVE-2016-9560 (CVE-2016-9583) CVE-2016-9591 CVE-2016-9600 CVE-2016-10248 CVE-2016-10249 (CVE-2016-10251) - Fix implicit declaration warning caused by security fixes above - CVE-2014-8157 - dec->numtiles off-by-one check in jpc_dec_process_sot (#1183672) - CVE-2014-8158 - unrestricted stack memory use in jpc_qmfb.c (#1183680) - CVE-2014-8137 - double-free in in jas_iccattrval_destroy (#1173567) - CVE-2014-8138 - heap overflow in jp2_decode (#1173567) - CVE-2014-9029 - incorrect component number check in COC, RGN and QCC marker segment decoders (#1171209)
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 100116
    published 2017-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100116
    title OracleVM 3.3 / 3.4 : jasper (OVMSA-2017-0102)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2014-2021.NASL
    description Updated jasper packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-9029) A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8138) A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8137) Red Hat would like to thank oCERT for reporting these issues. oCERT acknowledges Jose Duart of the Google Security Team as the original reporter. All JasPer users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All applications using the JasPer libraries must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2014-12-19
    plugin id 80115
    published 2014-12-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80115
    title RHEL 6 / 7 : jasper (RHSA-2014:2021)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2014-2021.NASL
    description From Red Hat Security Advisory 2014:2021 : Updated jasper packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-9029) A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8138) A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8137) Red Hat would like to thank oCERT for reporting these issues. oCERT acknowledges Jose Duart of the Google Security Team as the original reporter. All JasPer users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All applications using the JasPer libraries must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 80113
    published 2014-12-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80113
    title Oracle Linux 6 / 7 : jasper (ELSA-2014-2021)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2015-0006.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2014-8157 - dec->numtiles off-by-one check in jpc_dec_process_sot (#1183671) - CVE-2014-8158 - unrestricted stack memory use in jpc_qmfb.c (#1183679) - CVE-2014-8137 - double-free in in jas_iccattrval_destroy (#1173566) - CVE-2014-8138 - heap overflow in jp2_decode (#1173566) - CVE-2014-9029 - incorrect component number check in COC, RGN and QCC marker segment decoders (#1171208)
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 81012
    published 2015-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81012
    title OracleVM 3.3 : jasper (OVMSA-2015-0006)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20141218_JASPER_ON_SL6_X.NASL
    description Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-9029) A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8138) A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8137) All applications using the JasPer libraries must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-12-28
    plugin id 80117
    published 2014-12-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80117
    title Scientific Linux Security Update : jasper on SL6.x, SL7.x i386/x86_64
  • NASL family Slackware Local Security Checks
    NASL id SLACKWARE_SSA_2015-302-02.NASL
    description New jasper packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 86663
    published 2015-10-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=86663
    title Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : jasper (SSA:2015-302-02)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-16465.NASL
    description Fixes various flaws: CVE-2014-9029, CVE-2014-8138, CVE-2014-8137 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 80367
    published 2015-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80367
    title Fedora 19 : jasper-1.900.1-26.fc19 (2014-16465)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201503-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-201503-01 (JasPer: Multiple Vulnerabilities) Multiple vulnerabilities have been discovered in JasPer. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could entice a user to open a specially crafted file using JasPer, possibly resulting in execution of arbitrary code. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2015-04-13
    plugin id 81686
    published 2015-03-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=81686
    title GLSA-201503-01 : JasPer: Multiple Vulnerabilities
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-17027.NASL
    description Add patches for all current CVEs. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 80067
    published 2014-12-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80067
    title Fedora 20 : mingw-jasper-1.900.1-24.fc20 (2014-17027)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2014-2021.NASL
    description Updated jasper packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-9029) A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8138) A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8137) Red Hat would like to thank oCERT for reporting these issues. oCERT acknowledges Jose Duart of the Google Security Team as the original reporter. All JasPer users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. All applications using the JasPer libraries must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 80107
    published 2014-12-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80107
    title CentOS 6 / 7 : jasper (CESA-2014:2021)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-16292.NASL
    description Fixes various flaws: CVE-2014-9029, CVE-2014-8138, CVE-2014-8137 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 80365
    published 2015-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80365
    title Fedora 21 : jasper-1.900.1-29.fc21 (2014-16292)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-16961.NASL
    description Add patches for all current CVEs. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 80066
    published 2014-12-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80066
    title Fedora 21 : mingw-jasper-1.900.1-24.fc21 (2014-16961)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2015-466.NASL
    description Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-9029) A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8138) A double free flaw was found in the way JasPer parsed ICC color profiles in JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2014-8137)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 80417
    published 2015-01-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80417
    title Amazon Linux AMI : jasper (ALAS-2015-466)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2014-16349.NASL
    description Fixes various flaws: CVE-2014-9029, CVE-2014-8138, CVE-2014-8137 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2015-10-19
    plugin id 80366
    published 2015-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=80366
    title Fedora 20 : jasper-1.900.1-27.fc20 (2014-16349)
redhat via4
advisories
  • bugzilla
    id 1173162
    title CVE-2014-8138 jasper: heap overflow in jp2_decode() (oCERT-2014-012)
    oval
    OR
    • AND
      • OR
        • comment Red Hat Enterprise Linux 7 Client is installed
          oval oval:com.redhat.rhba:tst:20150364001
        • comment Red Hat Enterprise Linux 7 Server is installed
          oval oval:com.redhat.rhba:tst:20150364002
        • comment Red Hat Enterprise Linux 7 Workstation is installed
          oval oval:com.redhat.rhba:tst:20150364003
        • comment Red Hat Enterprise Linux 7 ComputeNode is installed
          oval oval:com.redhat.rhba:tst:20150364004
      • OR
        • AND
          • comment jasper is earlier than 0:1.900.1-26.el7_0.2
            oval oval:com.redhat.rhsa:tst:20142021005
          • comment jasper is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111807006
        • AND
          • comment jasper-devel is earlier than 0:1.900.1-26.el7_0.2
            oval oval:com.redhat.rhsa:tst:20142021007
          • comment jasper-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111807012
        • AND
          • comment jasper-libs is earlier than 0:1.900.1-26.el7_0.2
            oval oval:com.redhat.rhsa:tst:20142021009
          • comment jasper-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111807008
        • AND
          • comment jasper-utils is earlier than 0:1.900.1-26.el7_0.2
            oval oval:com.redhat.rhsa:tst:20142021011
          • comment jasper-utils is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111807010
    • AND
      • OR
        • comment Red Hat Enterprise Linux 6 Client is installed
          oval oval:com.redhat.rhba:tst:20111656001
        • comment Red Hat Enterprise Linux 6 Server is installed
          oval oval:com.redhat.rhba:tst:20111656002
        • comment Red Hat Enterprise Linux 6 Workstation is installed
          oval oval:com.redhat.rhba:tst:20111656003
        • comment Red Hat Enterprise Linux 6 ComputeNode is installed
          oval oval:com.redhat.rhba:tst:20111656004
      • OR
        • AND
          • comment jasper is earlier than 0:1.900.1-16.el6_6.2
            oval oval:com.redhat.rhsa:tst:20142021017
          • comment jasper is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111807006
        • AND
          • comment jasper-devel is earlier than 0:1.900.1-16.el6_6.2
            oval oval:com.redhat.rhsa:tst:20142021019
          • comment jasper-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111807012
        • AND
          • comment jasper-libs is earlier than 0:1.900.1-16.el6_6.2
            oval oval:com.redhat.rhsa:tst:20142021018
          • comment jasper-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111807008
        • AND
          • comment jasper-utils is earlier than 0:1.900.1-16.el6_6.2
            oval oval:com.redhat.rhsa:tst:20142021020
          • comment jasper-utils is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111807010
    rhsa
    id RHSA-2014:2021
    released 2014-12-18
    severity Important
    title RHSA-2014:2021: jasper security update (Important)
  • rhsa
    id RHSA-2015:0698
rpms
  • jasper-0:1.900.1-26.el7_0.2
  • jasper-devel-0:1.900.1-26.el7_0.2
  • jasper-libs-0:1.900.1-26.el7_0.2
  • jasper-utils-0:1.900.1-26.el7_0.2
  • jasper-0:1.900.1-16.el6_6.2
  • jasper-devel-0:1.900.1-16.el6_6.2
  • jasper-libs-0:1.900.1-16.el6_6.2
  • jasper-utils-0:1.900.1-16.el6_6.2
refmap via4
bid 71476
bugtraq 20141204 [oCERT-2014-009] JasPer input sanitization errors
confirm
debian DSA-3089
mandriva
  • MDVSA-2014:247
  • MDVSA-2015:159
misc
mlist [oss-security] 20141204 [oCERT-2014-009] JasPer input sanitization errors
secunia
  • 61747
  • 62828
slackware SSA:2015-302-02
ubuntu
  • USN-2434-1
  • USN-2434-2
xf jasper-cve20149029-bo(99125)
Last major update 02-01-2017 - 21:59
Published 08-12-2014 - 11:59
Last modified 09-10-2018 - 15:54
Back to Top