Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A code execution vulnerability exists in the kdu_buffered_expand function of the Kakadu SDK 7.9. A specially crafted JPEG 2000 file can be read by the program and can lead to an out of bounds write causing an exploitable condition to arise.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
NewSouth Innovations Kakadu SDK 缓冲区错误漏洞
Vulnerability Description
NewSouth Innovations Kakadu SDK是澳大利亚NewSouth Innovations公司的一套JPEG2000软件开发工具包。 NewSouth Innovations Kakadu SDK 7.9版本中的‘kdu_buffered_expand’函数存在越界写入漏洞,该漏洞源于程序没有正确的对用户提交的输入执行边界检测,导致复制数据的大小超过了分配的内存缓冲区空间。攻击者可借助特制的JPEG 2000文件利用该漏洞在受影响应用程序的上下文中执行任意代码或造成拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A