Vulnerability Details : CVE-2013-6045
Multiple heap-based buffer overflows in OpenJPEG 1.3 and earlier might allow remote attackers to execute arbitrary code via unspecified vectors.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2013-6045
Probability of exploitation activity in the next 30 days: 17.09%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 96 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2013-6045
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2013-6045
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-6045
-
http://rhn.redhat.com/errata/RHSA-2013-1850.html
RHSA-2013:1850 - Security Advisory - Red Hat Customer Portal
-
http://www.debian.org/security/2013/dsa-2808
Debian -- Security Information -- DSA-2808-1 openjpeg
-
http://seclists.org/oss-sec/2013/q4/412
oss-sec: Fwd: [vs] multiple issues in openjpeg
-
http://openjpeg.googlecode.com/svn/tags/version.1.5.2/NEWS
Error 404 (Not Found)!!1
-
http://www.securityfocus.com/bid/64109
OpenJPEG CVE-2013-6045 Multiple Remote Heap Based Buffer Overflow Vulnerabilities
Products affected by CVE-2013-6045
- cpe:2.3:a:uclouvain:openjpeg:*:*:*:*:*:*:*:*