PT-2018-18182 · Openjpeg+1 · Openjpeg+1

Setharnold

Publicado

2018-03-02

Atualizado

2021-01-26

CVE-2018-7648

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions OpenJPEG version 2.3.0

Description An issue was discovered in the mj2/opj mj2 extract.c file. The output prefix was not checked for length, which could cause a buffer overflow when a prefix with 50 or more characters is provided on the command line.

Recommendations For OpenJPEG version 2.3.0, consider restricting the length of the output prefix to prevent buffer overflow until a patch is available.

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

ALT-PU-2019-1582

CVE-2018-7648

OPENSUSE-SU-2024:11120-1

Produtos afetados

Alt Linux

Openjpeg

PT-2018-18182 · Openjpeg+1 · Openjpeg+1

CVE-2018-7648

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 38