CVE-2014-8158
Published: 2015-01-26
Priority: P3 · 44 · medium · CVSS 2.0: 6.8
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
EPSS: 14.45% (96.2th percentile)
Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| jasper_project | jasper | <= 1.900.1 | — |
| jasper_project | jasper | >= 0 < 1.900.1-14ubuntu3.2 | 1.900.1-14ubuntu3.2 |
| opensuse | opensuse | — | — |
| opensuse | opensuse | — | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
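| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| osv | — | 6.8 | MEDIUM | — |
| vendor_redhat | — | 6.8 | MEDIUM | — |
| vendor_ubuntu | — | 6.8 | MEDIUM | — |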
Ubuntu
Ghostscript vulnerabilities
vendor_ubuntu·2015-01-26·CVSS 6.8
CVE-2014-8137 [MEDIUM] Ghostscript vulnerabilities
Title: Ghostscript vulnerabilities
Summary: Ghostscript could be made to crash or run programs as your login if it
opened a specially crafted file.
USN-2483-1 fixed vulnerabilities in JasPer. This update provides the
corresponding fix for the JasPer library embedded in the Ghostscript
package.
Original advisory details:
Jose Duart discovered that JasPer incorrectly handled ICC color profiles in
JPEG-2000 image files. If a user were tricked into opening a specially
crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash
or possibly execute arbitrary code with user privileges. (CVE-2014-8137)
Jose Duart discovered that JasPer incorrectly decoded certain malformed
JPEG-2000 image files. If a user were tricked into opening a specially
crafted JPEG-2000 image file, a re
Ubuntu
JasPer vulnerabilities
vendor_ubuntu·2015-01-26·CVSS 6.8
CVE-2014-8137 [MEDIUM] JasPer vulnerabilities
Title: JasPer vulnerabilities
Summary: JasPer could be made to crash or run programs as your login if it
opened a specially crafted file.
Jose Duart discovered that JasPer incorrectly handled ICC color profiles in
JPEG-2000 image files. If a user were tricked into opening a specially
crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash
or possibly execute arbitrary code with user privileges. (CVE-2014-8137)
Jose Duart discovered that JasPer incorrectly decoded certain malformed
JPEG-2000 image files. If a user were tricked into opening a specially
crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash
or possibly execute arbitrary code with user privileges. (CVE-2014-8138)
It was discovered that JasPer incorrectly handled certain malformed
JP
Red Hat
jasper: unrestricted stack memory use in jpc_qmfb.c (oCERT-2015-001)
vendor_redhat·2015-01-21·CVSS 6.8
CVE-2014-8158 [MEDIUM] CWE-770 jasper: unrestricted stack memory use in jpc_qmfb.c (oCERT-2015-001)
Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.
An unrestricted stack memory use flaw was found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code.
Package: netpbm (Red Hat Enterprise Linux 5) - Not affected
GHSA
GHSA-r55x-7v7f-p64g: Multiple stack-based buffer overflows in jpc_qmfb
ghsa_unreviewed·2022-05-14
CVE-2014-8158 [MEDIUM] CWE-119 GHSA-r55x-7v7f-p64g: Multiple stack-based buffer overflows in jpc_qmfb
Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.
OSV
jasper vulnerabilities
osv·2015-01-26·CVSS 6.8
CVE-2014-8137 [MEDIUM] jasper vulnerabilities
Jose Duart discovered that JasPer incorrectly handled ICC color profiles in
JPEG-2000 image files. If a user were tricked into opening a specially
crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash
or possibly execute arbitrary code with user privileges. (CVE-2014-8137)
Jose Duart discovered that JasPer incorrectly decoded certain malformed
JPEG-2000 image files. If a user were tricked into opening a specially
crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash
or possibly execute arbitrary code with user privileges. (CVE-2014-8138)
It was discovered that JasPer incorrectly handled certain malformed
JPEG-2000 image files. If a user were tricked into opening a specially
crafted JPEG-2000 image file, a remote attacker
OSV
CVE-2014-8158: Multiple stack-based buffer overflows in jpc_qmfb
osv·2015-01-22·CVSS 6.8
CVE-2014-8158 [MEDIUM] CVE-2014-8158: Multiple stack-based buffer overflows in jpc_qmfb
Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2014-8157 CVE-2014-8158 mingw-jasper: various flaws [fedora-all]
bugzilla·2015-01-22·CVSS 7.5
CVE-2014-8157 [HIGH] CVE-2014-8157 CVE-2014-8158 mingw-jasper: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. W
Bugzilla
CVE-2014-8157 CVE-2014-8158 mingw-jasper: various flaws [epel-7]
bugzilla·2015-01-22·CVSS 7.5
CVE-2014-8157 [HIGH] CVE-2014-8157 CVE-2014-8158 mingw-jasper: various flaws [epel-7]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora EPEL.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
epel-7 tracking bug for mingw-jasper: see blocks bug list for fu
Bugzilla
CVE-2014-8157 CVE-2014-8158 jasper: various flaws [fedora-all]
bugzilla·2015-01-22·CVSS 7.5
CVE-2014-8157 [HIGH] CVE-2014-8157 CVE-2014-8158 jasper: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While o
Bugzilla
CVE-2014-8157 CVE-2014-8158 jasper: various flaws [epel-5]
bugzilla·2015-01-22·CVSS 7.5
CVE-2014-8157 [HIGH] CVE-2014-8157 CVE-2014-8158 jasper: various flaws [epel-5]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora EPEL.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
epel-5 tracking bug for jasper: see blocks bug list for full details o
Bugzilla
CVE-2014-8158 jasper: unrestricted stack memory use in jpc_qmfb.c (oCERT-2015-001)
bugzilla·2015-01-06·CVSS 6.8
CVE-2014-8158 [MEDIUM] CVE-2014-8158 jasper: unrestricted stack memory use in jpc_qmfb.c (oCERT-2015-001)
oCERT reports an issue in jasper discovered by pyddeh:
"""
In jpc_qmfb.c JasPer uses variable length arrays where the sizes are
derived from the codestream data, e.g. jpc_qmfb.c:305:
```c
void jpc_qmfb_split_row(jpc_fix_t *a, int numcols, int parity)
{
    int bufsize = JPC_CEILDIVPOW2(numcols, 1);
#if !defined(HAVE_VLA)
    jpc_fix_t splitbuf[QMFB_SPLITBUFSIZE];
#else
    jpc_fix_t splitbuf[bufsize];
#endif
    jpc_fix_t *buf = splitbuf;
```
Here, numcols is from the codestream, in other places it's numrows. I'm not
sure how bad this is, but some broken codestreams I generated crashed there
with negative numbers, which I think is dangerous if combined with VLAs.
Fix proposal: remove the VLA code (see attached patch).
"""
Ac
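The pattern the oCERT report describes, as an added example (not JasPer's code and not the attached patch): a count taken from untrusted input is validated before it sizes anything, and the scratch buffer is a small fixed array with a heap fallback instead of a variable length array. The names `split_row_checked`, `STACK_ELEMS` and `MAX_COLS`, the `int32_t` sample type and the size limit are assumptions for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define STACK_ELEMS 64       /* fixed scratch size, never derived from input */
#define MAX_COLS (1 << 20)   /* assumed policy limit for this example */

/* Deinterleave one row into [lowpass | highpass] halves.
 * numcols is treated as untrusted (in a decoder it comes from the file).
 * Returns 0 on success, -1 if the input is rejected or allocation fails. */
int split_row_checked(int32_t *a, int numcols, int parity)
{
    int32_t stackbuf[STACK_ELEMS];
    int32_t *buf = stackbuf;
    int i, nlow, nhigh, bufsize;

    /* A negative or huge count must never reach an array size: a VLA
     * declared as buf[bufsize] with bufsize <= 0 is undefined behaviour,
     * and a huge one exhausts the stack. */
    if (!a || numcols < 0 || numcols > MAX_COLS || (parity != 0 && parity != 1))
        return -1;

    bufsize = (numcols + 1) >> 1;          /* ceil(numcols / 2) */
    if (bufsize > STACK_ELEMS) {           /* large rows go to the heap */
        buf = malloc((size_t)bufsize * sizeof *buf);
        if (!buf)
            return -1;
    }
    nlow = (numcols + 1 - parity) >> 1;    /* samples kept at the front */
    nhigh = numcols - nlow;                /* samples moved to the back */
    for (i = 0; i < nhigh; i++)            /* save highpass samples */
        buf[i] = a[2 * i + 1 - parity];
    for (i = 0; i < nlow; i++)             /* compact lowpass in place */
        a[i] = a[2 * i + parity];
    if (nhigh > 0)
        memcpy(a + nlow, buf, (size_t)nhigh * sizeof *buf);
    if (buf != stackbuf)
        free(buf);
    return 0;
}

int main(void)
{
    int32_t row[5] = {10, 11, 12, 13, 14};   /* constructed sample row */
    printf("valid: %d\n", split_row_checked(row, 5, 0));
    printf("negative count: %d\n", split_row_checked(row, -7, 0));
    return 0;
}
```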
arXiv
Top Score on the Wrong Exam: On Benchmarking in Machine Learning for Vulnerability Detection
arxiv_fulltext·2025-04-23
Niklas Risse
MPI-SP, Germany
Jing Liu
MPI-SP, Germany
Marcel Böhme
MPI-SP, Germany
## Abstract
According to our survey of machine learning for vulnerability detection (ML4VD), 9 in every 10 papers published in the past five years define ML4VD as a function-level binary classification problem:
Given a function, does it contain a security flaw?
From our experience as security researchers, faced with deciding whether a given function makes the program vulnerable to attacks, we would often first want to understand the context in which this function is called.
In this paper, we study how often this decision can really be made without further context and study both vulnerable an
http://advisories.mageia.org/MGASA-2015-0038.html
http://lists.opensuse.org/opensuse-updates/2015-02/msg00014.html
http://rhn.redhat.com/errata/RHSA-2015-0074.html
http://rhn.redhat.com/errata/RHSA-2015-0698.html
http://secunia.com/advisories/62583
http://secunia.com/advisories/62615
http://secunia.com/advisories/62619
http://secunia.com/advisories/62765
http://www.debian.org/security/2015/dsa-3138
http://www.mandriva.com/security/advisories?name=MDVSA-2015:034
http://www.mandriva.com/security/advisories?name=MDVSA-2015:159
http://www.ocert.org/advisories/ocert-2015-001.html
http://www.securityfocus.com/bid/72293
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606
http://www.ubuntu.com/usn/USN-2483-1
http://www.ubuntu.com/usn/USN-2483-2
2015-01-26
Published