ID CVE-2014-9029
Summary Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*
    cpe:2.3:a:jasper_project:jasper:1.900.1:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 09-10-2018 - 19:54)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • bugzilla
    id 1173162
    title CVE-2014-8138 jasper: heap overflow in jp2_decode() (oCERT-2014-012)
    oval
    OR
    • AND
      • OR
        • comment Red Hat Enterprise Linux 7 Client is installed
          oval oval:com.redhat.rhba:tst:20150364001
        • comment Red Hat Enterprise Linux 7 Server is installed
          oval oval:com.redhat.rhba:tst:20150364002
        • comment Red Hat Enterprise Linux 7 Workstation is installed
          oval oval:com.redhat.rhba:tst:20150364003
        • comment Red Hat Enterprise Linux 7 ComputeNode is installed
          oval oval:com.redhat.rhba:tst:20150364004
      • OR
        • AND
          • comment jasper is earlier than 0:1.900.1-26.el7_0.2
            oval oval:com.redhat.rhsa:tst:20142021005
          • comment jasper is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111807006
        • AND
          • comment jasper-devel is earlier than 0:1.900.1-26.el7_0.2
            oval oval:com.redhat.rhsa:tst:20142021007
          • comment jasper-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111807012
        • AND
          • comment jasper-libs is earlier than 0:1.900.1-26.el7_0.2
            oval oval:com.redhat.rhsa:tst:20142021009
          • comment jasper-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111807008
        • AND
          • comment jasper-utils is earlier than 0:1.900.1-26.el7_0.2
            oval oval:com.redhat.rhsa:tst:20142021011
          • comment jasper-utils is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111807010
    • AND
      • OR
        • comment Red Hat Enterprise Linux 6 Client is installed
          oval oval:com.redhat.rhba:tst:20111656001
        • comment Red Hat Enterprise Linux 6 Server is installed
          oval oval:com.redhat.rhba:tst:20111656002
        • comment Red Hat Enterprise Linux 6 Workstation is installed
          oval oval:com.redhat.rhba:tst:20111656003
        • comment Red Hat Enterprise Linux 6 ComputeNode is installed
          oval oval:com.redhat.rhba:tst:20111656004
      • OR
        • AND
          • comment jasper is earlier than 0:1.900.1-16.el6_6.2
            oval oval:com.redhat.rhsa:tst:20142021017
          • comment jasper is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111807006
        • AND
          • comment jasper-devel is earlier than 0:1.900.1-16.el6_6.2
            oval oval:com.redhat.rhsa:tst:20142021019
          • comment jasper-devel is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111807012
        • AND
          • comment jasper-libs is earlier than 0:1.900.1-16.el6_6.2
            oval oval:com.redhat.rhsa:tst:20142021018
          • comment jasper-libs is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111807008
        • AND
          • comment jasper-utils is earlier than 0:1.900.1-16.el6_6.2
            oval oval:com.redhat.rhsa:tst:20142021020
          • comment jasper-utils is signed with Red Hat redhatrelease2 key
            oval oval:com.redhat.rhsa:tst:20111807010
    rhsa
    id RHSA-2014:2021
    released 2014-12-18
    severity Important
    title RHSA-2014:2021: jasper security update (Important)
  • rhsa
    id RHSA-2015:0698
rpms
  • jasper-0:1.900.1-26.el7_0.2
  • jasper-devel-0:1.900.1-26.el7_0.2
  • jasper-libs-0:1.900.1-26.el7_0.2
  • jasper-utils-0:1.900.1-26.el7_0.2
  • jasper-0:1.900.1-16.el6_6.2
  • jasper-devel-0:1.900.1-16.el6_6.2
  • jasper-libs-0:1.900.1-16.el6_6.2
  • jasper-utils-0:1.900.1-16.el6_6.2
refmap via4
bid 71476
bugtraq 20141204 [oCERT-2014-009] JasPer input sanitization errors
confirm
debian DSA-3089
mandriva
  • MDVSA-2014:247
  • MDVSA-2015:159
misc
mlist [oss-security] 20141204 [oCERT-2014-009] JasPer input sanitization errors
secunia
  • 61747
  • 62828
slackware SSA:2015-302-02
ubuntu
  • USN-2434-1
  • USN-2434-2
xf jasper-cve20149029-bo(99125)
Last major update 09-10-2018 - 19:54
Published 08-12-2014 - 16:59
Back to Top