← Back

CVE-2018-19543

nvd nist
Published: Nov 26, 2018Modified: Nov 21, 2024

JSON object

Loading...
7.8
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.

Affected (10)

Show all products
Jasper Project: Jasper · Canonical: Ubuntu Linux · Debian: Debian Linux · Suse: Linux Enterprise Desktop, Linux Enterprise Server
Jasper Project
1 product
Jasper
Canonical
1 product
Ubuntu Linux
Debian
1 product
Debian Linux
Suse
2 products
Linux Enterprise Desktop
Linux Enterprise Server
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Jasper
Version 2.0.14
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 14.04
Ubuntu Linux
Version 16.04
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Debian Linux
Version 8.0
Configuration D
6 vulnerable
Vulnerable SoftwareAffected Versions
Suse
Linux Enterprise Desktop
Version 12 sp3
Linux Enterprise Desktop
Version 12 sp4
Suse
Linux Enterprise Server
Version 11 sp3
Linux Enterprise Server
Version 11 sp4
Linux Enterprise Server
Version 12 sp1
Linux Enterprise Server
Version 12 sp2

Related CWEs

CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

References (8)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
ExploitThird Party Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.