CVE-2013-4290
OpenJPEG < 1.5.2 - Stack-Based Buffer Overflow in JP3D Compression
Title source: llmDescription
Stack-based buffer overflow in OpenJPEG before 1.5.2 allows remote attackers to have unspecified impact via unknown vectors to (1) lib/openjp3d/opj_jp3d_compress.c, (2) bin/jp3d/convert.c, or (3) lib/openjp3d/event.c.
References (4)
Core 4
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/57285
Various Sources x_refsource_confirm
http://openjpeg.googlecode.com/svn/tags/version.1.5.2/NEWS
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/62362
Exploit mailing-list
x_refsource_mlist
http://seclists.org/oss-sec/2013/q3/593
Scores
EPSS
0.0302
EPSS Percentile
85.9%
Details
CWE
CWE-119
Status
published
Products (4)
uclouvain/openjpeg
1.3
uclouvain/openjpeg
1.4
uclouvain/openjpeg
1.5
uclouvain/openjpeg
< 1.5.1
Published
Apr 18, 2014
Tracked Since
Feb 18, 2026