PT-2020-6191 · Openjpeg+9 · Openjpeg2+9

Zodf0055980

Published

2019-07-31

Updated

2023-03-15

CVE-2020-27814

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions openjpeg2 (affected versions not specified)

Description A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. This issue could allow an attacker to cause an application crash or, in some cases, execute arbitrary code with the permission of the user running the application. The vulnerability can also be exploited by a remote attacker to access confidential data, compromise its integrity, and cause a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Heap Based Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-122

Related Identifiers

ALSA-2021:4251

ALT-PU-2019-2337

ALT-PU-2020-3564

ALT-PU-2021-1097

ALT-PU-2021-1197

AZL-45072

BDU:2021-03505

CESA-2021_4251

CVE-2020-27814

DLA-2550-1

DSA-4882-1

MGASA-2020-0464

OESA-2021-1118

OPENSUSE-SU-2022_3802-1

OPENSUSE-SU-2024:13571-1

RHSA-2021:4251

RHSA-2021_4251

RLSA-2021:4251

SUSE-SU-2022:3802-1

USN-4685-1

USN-4686-1

USN-4880-1

USN-5952-1

Affected Products

Alt Linux

Almalinux

Astra Linux

Centos

Linuxmint

Red Hat

Rocky Linux

Suse

Ubuntu

Openjpeg2

PT-2020-6191 · Openjpeg+9 · Openjpeg2+9

CVE-2020-27814

Weakness Enumeration

Related Identifiers

Affected Products

References · 110