Mandriva Linux Security Advisory : openjpeg (MDVSA-2013:110)

Critical Nessus Plugin ID 66122

Synopsis

The remote Mandriva Linux host is missing one or more security updates.

Description

Updated openjpeg packages fix security vulnerability :

An out-of heap-based buffer bounds read and write flaw, leading to invalid free, was found in the way a tile coder / decoder (TCD) implementation of OpenJPEG, an open source JPEG 2000 codec written in C language, performed releasing of previously allocated memory for the TCD encoder handle by processing certain Gray16 TIFF images. A remote attacker could provide a specially crafted TIFF image file, which once converted into the JPEG 2000 file format with an application linked against OpenJPEG (such as 'image_to_j2k'), would lead to that application crash, or, potentially arbitrary code execution with the privileges of the user running the application (CVE-2009-5030).

An input validation flaw, leading to a heap-based buffer overflow, was found in the way OpenJPEG handled the tile number and size in an image tile header. A remote attacker could provide a specially crafted image file that, when decoded using an application linked against OpenJPEG, would cause the application to crash or, potentially, execute arbitrary code with the privileges of the user running the application (CVE-2012-3358).

It was found that OpenJPEG failed to sanity-check an image header field before using it. A remote attacker could provide a specially crafted image file that could cause an application linked against OpenJPEG to crash or, possibly, execute arbitrary code (CVE-2012-3535).

Solution

Update the affected lib64openjpeg-devel, lib64openjpeg1 and / or openjpeg packages.

Plugin Details

Severity: Critical

ID: 66122

File Name: mandriva_MDVSA-2013-110.nasl

Version: 1.9

Type: local

Published: 2013/04/20

Updated: 2019/08/02

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:mandriva:linux:lib64openjpeg-devel, p-cpe:/a:mandriva:linux:lib64openjpeg1, p-cpe:/a:mandriva:linux:openjpeg, cpe:/o:mandriva:business_server:1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/Mandrake/release, Host/Mandrake/rpm-list

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/04/10

Reference Information

CVE: CVE-2009-5030, CVE-2012-3358, CVE-2012-3535

BID: 53012, 54373, 55214

MDVSA: 2013:110

MGASA: 2012-0152, 2012-0166, 2012-0274