CVE-2009-5030 - OpenCVE

The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile information in a Gray16 TIFF image, which causes insufficient memory to be allocated and leads to an "invalid free."

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Uclouvain	Openjpeg

Configuration 1 [-]

OR	cpe:2.3:a:uclouvain:openjpeg:1.3:::::::*
	cpe:2.3:a:uclouvain:openjpeg:1.4:::::::*
	cpe:2.3:a:uclouvain:openjpeg:1.5:::::::*

References

Link	Resource
http://code.google.com/p/openjpeg/issues/detail?id=5
http://code.google.com/p/openjpeg/source/detail?r=1703	Patch
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082923.html
http://lists.fedoraproject.org/pipermail/package-announce/2012-June/083105.html
http://rhn.redhat.com/errata/RHSA-2012-1068.html
http://secunia.com/advisories/48781	Vendor Advisory
http://secunia.com/advisories/49913	Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2012:104
http://www.openwall.com/lists/oss-security/2012/04/13/5
http://www.securityfocus.com/bid/53012
https://exchange.xforce.ibmcloud.com/vulnerabilities/74851
https://groups.google.com/forum/#%21topic/openjpeg/DLVrRKbTeI0/discussion

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2012-07-18T22:00:00

Updated: 2017-08-16T14:57:01

Reserved: 2010-12-09T00:00:00

Link: CVE-2009-5030

JSON object: View

NVD Information

Status : Modified

Published: 2012-07-18T22:55:03.680

Modified: 2023-02-13T02:20:50.393

Link: CVE-2009-5030

JSON object: View

Redhat Information

No data.

CWE

CWE-119

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-07-31T00:00:00", "descriptions": [{"lang": "en", "value": "The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile information in a Gray16 TIFF image, which causes insufficient memory to be allocated and leads to an \"invalid free.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "48781", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/48781"}, {"name": "RHSA-2012:1068", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1068.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://groups.google.com/forum/#%21topic/openjpeg/DLVrRKbTeI0/discussion"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://code.google.com/p/openjpeg/source/detail?r=1703"}, {"name": "FEDORA-2012-9602", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/083105.html"}, {"name": "49913", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/49913"}, {"name": "openjpeg-tcdfreeencode-code-execution(74851)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74851"}, {"name": "MDVSA-2012:104", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:104"}, {"name": "[oss-security] 20120413 Re: CVE Request: Heap corruption in openjpeg", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/04/13/5"}, {"name": "53012", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/53012"}, {"name": "FEDORA-2012-9628", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082923.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://code.google.com/p/openjpeg/issues/detail?id=5"}]}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2009-5030", "datePublished": "2012-07-18T22:00:00", "dateReserved": "2010-12-09T00:00:00", "dateUpdated": "2017-08-16T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:uclouvain:openjpeg:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "7AC444C0-9F0C-4CA5-B07B-4CFD40083232", "vulnerable": true}, {"criteria": "cpe:2.3:a:uclouvain:openjpeg:1.4:*:*:*:*:*:*:*", "matchCriteriaId": "BD7783C8-538F-4D5C-8F73-658805E9315A", "vulnerable": true}, {"criteria": "cpe:2.3:a:uclouvain:openjpeg:1.5:*:*:*:*:*:*:*", "matchCriteriaId": "564678E7-4F36-48CE-A971-3639802E3428", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile information in a Gray16 TIFF image, which causes insufficient memory to be allocated and leads to an \"invalid free.\""}, {"lang": "es", "value": "La funci\u00f3n tcd_free_encode tcd.c en OpenJPEG v1.3 a v1.5 permite a atacantes remotos causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de la informaci\u00f3n de mosaico modificada en una imagen Gray16 TIFF, lo que hace que no se reserve la memoria suficiente y conduce a un \"invalid free\"."}], "id": "CVE-2009-5030", "lastModified": "2023-02-13T02:20:50.393", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2012-07-18T22:55:03.680", "references": [{"source": "secalert@redhat.com", "url": "http://code.google.com/p/openjpeg/issues/detail?id=5"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://code.google.com/p/openjpeg/source/detail?r=1703"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082923.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-June/083105.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-1068.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/48781"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/49913"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:104"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/04/13/5"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/53012"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74851"}, {"source": "secalert@redhat.com", "url": "https://groups.google.com/forum/#%21topic/openjpeg/DLVrRKbTeI0/discussion"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}