CVE-2013-1447 — Openjpeg vulnerability

9 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

0.7%

top 27.41%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Uclouvain Openjpeg

Timeline

PublishedDec 12

Latest updateMay 13

Description

OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of service (memory consumption or crash) via unspecified vectors related to NULL pointer dereferences, division-by-zero, and other errors.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶Ubuntuuclouvain/openjpeg< 1.3+dfsg-4.7ubuntu1

▶NVDuclouvain/openjpeg1.3

🔴Vulnerability Details

GHSA

GHSA-ccpm-4wxg-wxgf: OpenJPEG 1↗2022-05-13

▶

CVEList

CVE-2013-1447: OpenJPEG 1↗2013-12-12

▶

OSV

CVE-2013-1447: OpenJPEG 1↗2013-12-12

▶

📋Vendor Advisories

Red Hat

openjpeg: multiple denial of service flaws↗2013-12-04

▶

💬Community

Bugzilla

CVE-2013-6887 CVE-2013-1447 mingw-openjpeg: various flaws [fedora-all]↗2013-12-06

▶

Bugzilla

CVE-2013-6054 CVE-2013-1447 CVE-2013-6045 CVE-2013-6052 openjpeg: various flaws [epel-5]↗2013-12-05

▶

Bugzilla

CVE-2013-6887 CVE-2013-1447 CVE-2013-6045 CVE-2013-6052 CVE-2013-6053 openjpeg: various flaws [fedora-all]↗2013-12-05

▶

Bugzilla

CVE-2013-1447 openjpeg: multiple denial of service flaws↗2013-12-04

▶