CVE-2009-5030
Published: 18 July 2012
The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile information in a Gray16 TIFF image, which causes insufficient memory to be allocated and leads to an "invalid free."
Priority
Status
Package | Release | Status |
---|---|---|
openjpeg Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Released
(1.3+dfsg-4+squeeze1build0.10.04.1)
|
|
natty |
Ignored
(end of life)
|
|
oneiric |
Released
(1.3+dfsg-4+squeeze1build0.11.10.1)
|
|
precise |
Released
(1.3+dfsg-4+squeeze1build0.12.04.1)
|
|
quantal |
Not vulnerable
(1.3+dfsg-4.3)
|
|
upstream |
Released
(1.3+dfsg-4.1)
|