RSS   Vulnerabilities for 'Jasper'   RSS

2014-12-08
 
CVE-2014-9029

CWE-189
 

 
Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow.

 

 >>> Vendor: Jasper 2 Products
Jasper
Httpdx


Copyright 2024, cxsecurity.com

 

Back to Top