CVE-2013-4290

OpenJPEG < 1.5.2 - Stack-Based Buffer Overflow in JP3D Compression

Title source: llm
STIX 2.1

Description

Stack-based buffer overflow in OpenJPEG before 1.5.2 allows remote attackers to have unspecified impact via unknown vectors to (1) lib/openjp3d/opj_jp3d_compress.c, (2) bin/jp3d/convert.c, or (3) lib/openjp3d/event.c.

References (4)

Core 4
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/57285
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/62362
Exploit mailing-list x_refsource_mlist
http://seclists.org/oss-sec/2013/q3/593

Scores

EPSS 0.0302
EPSS Percentile 85.9%

Details

CWE
CWE-119
Status published
Products (4)
uclouvain/openjpeg 1.3
uclouvain/openjpeg 1.4
uclouvain/openjpeg 1.5
uclouvain/openjpeg < 1.5.1
Published Apr 18, 2014
Tracked Since Feb 18, 2026