Exploit the possiblities

JasPer 1.900.1 Buffer Overflow

JasPer 1.900.1 Buffer Overflow
Posted Dec 4, 2014
Authored by Andrea Barisani, Open Source CERT

The JasPer project is an open source implementation for the JPEG-2000 codec. The library is affected by two heap-based buffer overflows which can lead to arbitrary code execution. The vulnerability is present in functions jpc_dec_cp_setfromcox() and jpc_dec_cp_setfromrgn(). A specially crafted jp2 file, can be used to trigger the overflows. Versions 1.900.1 and below are affected.

tags | advisory, overflow, arbitrary, code execution
advisories | CVE-2014-9029
MD5 | e661c4bbb6e9abe2278116196e0c0c2d

JasPer 1.900.1 Buffer Overflow

Change Mirror Download

#2014-009 JasPer input sanitization errors

Description:

The JasPer project is an open source implementation for the JPEG-2000 codec.

The library is affected by two heap-based buffer overflows which can lead to
arbitrary code execution. The vulnerability is present in functions
jpc_dec_cp_setfromcox() and jpc_dec_cp_setfromrgn().

A specially crafted jp2 file, can be used to trigger the overflows.

Affected version:

JasPer <= 1.900.1

Fixed version:

JasPer, N/A

Credit: vulnerability report received from the Google Security Team.

CVE: CVE-2014-9029

Timeline:

2014-11-19: vulnerability report received
2014-11-20: contacted affected vendors
2014-11-21: assigned CVE
2014-11-27: patch contributed by Tomas Hoger from Red Hat Product Security
2014-12-04: advisory release

References:
http://www.ece.uvic.ca/~frodo/jasper
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-9029

Permalink:
http://www.ocert.org/advisories/ocert-2014-009.html

--
Andrea Barisani | Founder & Project Coordinator
oCERT | OSS Computer Security Incident Response Team

<lcars@ocert.org> http://www.ocert.org
0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E
"Pluralitas non est ponenda sine necessitate"

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

February 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    15 Files
  • 2
    Feb 2nd
    15 Files
  • 3
    Feb 3rd
    15 Files
  • 4
    Feb 4th
    13 Files
  • 5
    Feb 5th
    16 Files
  • 6
    Feb 6th
    15 Files
  • 7
    Feb 7th
    15 Files
  • 8
    Feb 8th
    15 Files
  • 9
    Feb 9th
    18 Files
  • 10
    Feb 10th
    8 Files
  • 11
    Feb 11th
    8 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    15 Files
  • 14
    Feb 14th
    15 Files
  • 15
    Feb 15th
    17 Files
  • 16
    Feb 16th
    18 Files
  • 17
    Feb 17th
    37 Files
  • 18
    Feb 18th
    2 Files
  • 19
    Feb 19th
    16 Files
  • 20
    Feb 20th
    6 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close