CVE-2018-20570
Published 2018-12-28
CVE-2018-20570: jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read.
Priority: P427, medium, 6.5 (CVSS 3.0)
Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS: 2.24% (80.6th percentile)
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| jasper_project | jasper | — | — |
CVSS provenance
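| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 6.5 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
| nvd | v2.0 | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
| osv | — | 6.5 | MEDIUM | — |
| vendor_redhat | — | 6.5 | MEDIUM | — |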
GHSA
GHSA-j3h5-m47q-9g35: jp2_encode in jp2/jp2_enc
ghsa_unreviewed·2022-05-13
CVE-2018-20570 [MEDIUM] CWE-125 GHSA-j3h5-m47q-9g35: jp2_encode in jp2/jp2_enc
jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read.
OSV
CVE-2018-20570: jp2_encode in jp2/jp2_enc
osv·2018-12-28·CVSS 6.5
CVE-2018-20570 [MEDIUM] CVE-2018-20570: jp2_encode in jp2/jp2_enc
jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read.
Red Hat
jasper: heap-based buffer over-read in jp2_encode()
vendor_redhat·2018-12-28·CVSS 6.5
CVE-2018-20570 [MEDIUM] CWE-125 jasper: heap-based buffer over-read in jp2_encode()
jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read.
A vulnerability was found in Jasper due to a heap-based buffer overflow caused by improper bounds checking in the jp2_encode function within jp2/jp2_enc.c. An attacker could exploit this flaw by persuading a victim to open a specially crafted file, leading to a buffer overflow that could execute arbitrary code on the system or cause the application to crash.
Statement: This vulnerability was rated as LOW severity because it could allow an attacker to execute arbitrary code or crash the application; it doesn’t directly compromise the system.
Package: netpbm (Red Hat Enterprise Linux 5) - Out of support scope
Package: jasper (Red Hat Enterprise Linux 6) - Ou
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2018-20570 mingw-jasper: jasper: heap-based buffer over-read in jp2_encode in jp2/jp2_enc.c [fedora-all]
bugzilla·2019-01-09·CVSS 6.5
CVE-2018-20570 [MEDIUM] CVE-2018-20570 mingw-jasper: jasper: heap-based buffer over-read in jp2_encode in jp2/jp2_enc.c [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affe
Bugzilla
CVE-2018-20570 mingw-jasper: jasper: heap-based buffer over-read in jp2_encode in jp2/jp2_enc.c [epel-7]
bugzilla·2019-01-09·CVSS 6.5
CVE-2018-20570 [MEDIUM] CVE-2018-20570 mingw-jasper: jasper: heap-based buffer over-read in jp2_encode in jp2/jp2_enc.c [epel-7]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-7.
Discussion:
Use the followin
Bugzilla
CVE-2018-20570 jasper: heap-based buffer over-read in jp2_encode in jp2/jp2_enc.c [fedora-all]
bugzilla·2019-01-09·CVSS 6.5
CVE-2018-20570 [MEDIUM] CVE-2018-20570 jasper: heap-based buffer over-read in jp2_encode in jp2/jp2_enc.c [fedora-all]
NOTE: this issue affects multiple s
Bugzilla
CVE-2018-20570 jasper: heap-based buffer over-read in jp2_encode()
bugzilla·2019-01-09·CVSS 6.5
CVE-2018-20570 [MEDIUM] CVE-2018-20570 jasper: heap-based buffer over-read in jp2_encode()
A flaw was found in JasPer 2.0.14: a heap-based buffer over-read in the jp2_encode function in the jp2/jp2_enc.c file.
References:
https://github.com/mdadams/jasper/issues/191
Discussion:
Created jasper tracking bugs for this issue:
Affects: fedora-all [bug 1664879]
Created mingw-jasper tracking bugs for this issue:
Affects: epel-7 [bug 1664881]
Affects: fedora-all [bug 1664880]
---
This problem is in the following code in the jp2_encode() function:
https://github.com/mdadams/jasper/blob/version-2.0.16/src/libjasper/jp2/jp2_enc.c#L294-L312
There are calls to jas_image_cmpttype() as jas_image_cmpttype(image, 2), where jas_image_cmpttype() is a macro defined as:
#define jas_image_cmpttype(image, cmptno) \
((image)->c
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00085.html
https://github.com/mdadams/jasper/issues/191
https://lists.debian.org/debian-lts-announce/2019/01/msg00003.html
https://www.oracle.com/security-alerts/cpuapr2020.html
Published: 2018-12-28