Redhat Enterprise Linux : Security vulnerabilities, CVEs Code Execution published in December 2014

Copy

CVE-2014-8138

Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file.

Max CVSS

7.5

EPSS Score

23.25%

Published

2014-12-24

Updated

2018-01-05

CVE-2014-8137

Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file.

Max CVSS

6.8

EPSS Score

15.61%

Published

2014-12-24

Updated

2018-01-05

2 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!