CVE-2013-6053

EPSS 0.4%
Published 27.04.2014 22:55:05
Last modified 12.04.2025 10:46:40
Source cve@mitre.org
Teams watchlist Login
Open Login

OpenJPEG 1.5.1 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds read.

Affected products Warnungen 0 Metrics 2 CWE 1 References 8

Data is provided by the National Vulnerability Database (NVD)

Uclouvain ≫ Openjpeg Version1.5.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.4%	0.579

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://openjpeg.googlecode.com/svn/tags/version.1.5.2/NEWS

Vendor Advisory

http://seclists.org/oss-sec/2013/q4/412

http://www.securityfocus.com/bid/64121

https://bugzilla.redhat.com/show_bug.cgi?id=1036493

https://code.google.com/p/openjpeg/issues/detail?id=297

https://nvd.nist.gov/vuln/detail/CVE-2013-6053

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-6053

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-6053

EUVD