Vulnerabilities > CVE-2014-0349 - Remote Code Execution vulnerability in J2K-Codec

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
j2k-codec
critical
NVD
Published: 2014-04-12
Updated: 2014-04-14

Summary

Multiple unspecified vulnerabilities in J2k-Codec allow remote attackers to execute arbitrary code via a crafted JPEG 2000 file.

Vulnerable Configurations

Part Description Count
Application
J2K-Codec
1

Seebug

bulletinFamilyexploit
descriptionCVE ID:CVE-2014-0349 J2k-Codec是一个JPEG 2000解码器。 J2k-Codec处理JPEG 2000图像时存在多个安全漏洞,允许攻击者构建恶意图像文件,诱使用户解析,可使应用程序崩溃或执行任意代码。 0 J2k-Codec 2.2 目前没有详细解决方案: http://j2k-codec.com/
idSSV:62124
last seen2017-11-19
modified2014-04-11
published2014-04-11
reporterRoot
titleJ2k-Codec特制JPEG 2000文件处理多个任意代码执行漏洞

References