CVE-2012-3535

Public on 2012-09-05

Modified on 2014-09-14

Description

Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file.

Severity

Important

See what this means

CVSS v3 Base Score

6.8

See breakdown

Affected Packages

Platform	Package	Release Date	Advisory
Amazon Linux 1	openjpeg	2012-09-22	ALAS-2012-125

CVSS Scores

	Score Type	Score	Vector
Amazon Linux	CVSSv2	6.8	AV:N/AC:M/Au:N/C:P/I:P/A:P
NVD	CVSSv2	6.8	AV:N/AC:M/Au:N/C:P/I:P/A:P

References

FAQs regarding Amazon Linux ALAS/CVE Severity Red Hat: CVE-2012-3535 Mitre: CVE-2012-3535