Even Rouault

37 exploits, active since Nov 2016
CVE-2017-14041 WRITEUP HIGH
OpenJPEG 2.2.0 - Stack-Based Buffer Overflow in pgxtoimage Function
A stack-based buffer overflow was discovered in the pgxtoimage function in bin/jp2/convert.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.
CVSS 8.8
CVE-2017-14151 WRITEUP HIGH
OpenJPEG 2.2.0 - Heap-Based Buffer Overflow via opj_tcd_code_block_enc_allocate_data
An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_data in lib/openjp2/tcd.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_mqc_flush in lib/openjp2/mqc.c and opj_t1_encode_cblk in lib/openjp2/t1.c) or possibly remote code execution.
CVSS 8.8
CVE-2017-14152 WRITEUP HIGH
OpenJPEG 2.2.0 - Heap-Based Buffer Overflow in opj_j2k_set_cinema_parameters
A mishandled zero case was discovered in opj_j2k_set_cinema_parameters in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_write_bytes_LE in lib/openjp2/cio.c and opj_j2k_write_sot in lib/openjp2/j2k.c) or possibly remote code execution.
CVSS 8.8
CVE-2017-14164 WRITEUP HIGH
OpenJPEG 2.2.0 - Heap-Based Buffer Overflow
A size-validation issue was discovered in opj_j2k_write_sot in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_write_bytes_LE in lib/openjp2/cio.c) or possibly remote code execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-14152.
CVSS 8.8
CVE-2018-21010 WRITEUP HIGH
OpenJPEG < 2.3.1 - Heap Buffer Overflow in ICC Profile Color Application
OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c.
CVSS 8.8
CVE-2019-17545 WRITEUP CRITICAL
GDAL < 3.0.1 - Use-After-Free in OGRExpatRealloc
GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded.
CVSS 9.8
CVE-2019-17546 WRITEUP HIGH
libtiff < 4.1.0 - Integer Overflow via Crafted RGBA Image
tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a "Negative-size-param" condition.
CVSS 8.8
CVE-2019-25050 WRITEUP HIGH
GDAL 2.4.2-3.0.4 - Stack-based Buffer Overflow in netCDF Dataset Handling
netCDF in GDAL 2.4.2 through 3.0.4 has a stack-based buffer overflow in nc4_get_att (called from nc4_get_att_tc and nc_get_att_text) and in uffd_cleanup (called from netCDFDataset::~netCDFDataset).
CVSS 7.8
CVE-2021-45943 WRITEUP MEDIUM
GDAL 3.3.0-3.4.0 - Heap-Based Buffer Overflow in PCIDSK File Reader
GDAL 3.3.0 through 3.4.0 has a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile (called from PCIDSK::CPCIDSKSegment::ReadFromFile and PCIDSK::CPCIDSKBinarySegment::CPCIDSKBinarySegment).
CVSS 5.5
CVE-2023-2731 WRITEUP MEDIUM
libtiff < 4.5.0 - Denial of Service via LZW Decompression NULL Pointer Dereference
A NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service.
CVSS 5.5
CVE-2024-56826 WRITEUP MEDIUM
Red Hat Enterprise Linux 9 - Heap-based Buffer Overflow in opj_decompress
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior.
CVSS 5.6
CVE-2024-56827 WRITEUP MEDIUM
Red Hat Enterprise Linux 9 - Heap-based Buffer Overflow in opj_decompress
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior.
CVSS 5.6