Bugtraq mailing list archives
[oCERT-2015-001] JasPer input sanitization errors
From: Andrea Barisani <lcars () ocert org>
Date: Thu, 22 Jan 2015 00:28:48 +0100
#2015-001 JasPer input sanitization errors

Description:

The JasPer project is an open source implementation for the JPEG-2000 codec.

The library is affected by an off-by-one error in a buffer boundary check in jpc_dec_process_sot(), leading to a heap based buffer overflow, as well as multiple unrestricted stack memory use issues in jpc_qmfb.c, leading to stack overflow.

A specially crafted JPEG-2000 file can be used to trigger the vulnerabilities.

Affected version:

JasPer <= 1.900.1

Fixed version:

JasPer, N/A

Credit: vulnerability report received from <pyddeh () gmail com>.

CVE: CVE-2014-8157 (off-by-one heap buffer overflow),
     CVE-2014-8158 (stack overflow)

Timeline:

2015-01-06: vulnerability report received
2015-01-06: contacted affected vendors, assigned CVEs
2015-01-21: advisory release

References:

http://www.ece.uvic.ca/~frodo/jasper

-- 
Andrea Barisani | Founder & Project Coordinator
          oCERT | OSS Computer Security Incident Response Team

<lcars () ocert org>                         http://www.ocert.org
 0x864C9B9E 0A76 074A 02CD E989  CE7F AC3F DA47 578E 864C 9B9E
        "Pluralitas non est ponenda sine necessitate"
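The class of bug behind CVE-2014-8157, as an added example that is not part of the advisory and not JasPer source code: an off-by-one boundary check on an index taken from file input, shown beside the corrected check. The types and function names (decoder_t, tile_t, index_ok, tile_lookup) are hypothetical, and the example assumes the checked value indexes a heap array of per-tile state.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical decoder state: one heap-allocated entry per tile. */
typedef struct { uint32_t parts_seen; } tile_t;
typedef struct { size_t numtiles; tile_t *tiles; } decoder_t;

/* Off-by-one form of the check: idx == numtiles is accepted, which
 * names the element one past the end of the heap allocation. */
int index_ok_off_by_one(const decoder_t *d, size_t idx) {
    return !(idx > d->numtiles);
}

/* Corrected form: valid indices are 0 .. numtiles-1 only. */
int index_ok(const decoder_t *d, size_t idx) {
    return idx < d->numtiles;
}

/* Resolve an untrusted index to a tile; NULL when out of range. */
tile_t *tile_lookup(decoder_t *d, size_t untrusted_idx) {
    if (d == NULL || d->tiles == NULL || !index_ok(d, untrusted_idx))
        return NULL;
    return &d->tiles[untrusted_idx];
}

/* Allocate n tiles; calloc rejects a count*size overflow. */
int decoder_init(decoder_t *d, size_t n) {
    d->tiles = n ? calloc(n, sizeof *d->tiles) : NULL;
    d->numtiles = d->tiles ? n : 0;
    return d->tiles ? 0 : -1;
}

void decoder_free(decoder_t *d) {
    free(d->tiles);
    d->tiles = NULL;
    d->numtiles = 0;
}

/* Constructed input: 4 tiles, index 4. The two checks disagree only at
 * idx == numtiles. Returns 1 when the corrected path rejects it. */
int demo(void) {
    decoder_t d;
    if (decoder_init(&d, 4) != 0) return -1;
    int r = index_ok_off_by_one(&d, 4) == 1 && index_ok(&d, 4) == 0
         && tile_lookup(&d, 4) == NULL && tile_lookup(&d, 3) == &d.tiles[3];
    decoder_free(&d);
    return r;
}

int main(void) { return demo() == 1 ? 0 : 1; }
```

Building a decoder with -fsanitize=address and running it over malformed samples reports the one-past-the-end access that the off-by-one check lets through.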