Guest

Preview Tool

Cisco Bug: CSCus72040 - CUCDM: LibJasper and Libelf1 Vulnerabilities

Last Modified

Aug 06, 2018

Products (1)

  • Cisco Hosted Collaboration Solution (HCS)

Known Affected Releases

10.1(2)

Description (partial)

Symptoms:
Cisco Hosted Collaboration Solution (HCS) includes a version of Jasper & LibElf that are affected by the
vulnerabilities identified by the following Common Vulnerability and Exposures (CVE) IDs:

CVE-2014-8137: Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier
allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted
ICC color profile in a JPEG 2000 image file. This has been classified by the vendor as having a CVSSv2 score
of 6.8 (AV:N/AC:M/AU:N/C:P/I:P/A:P)

CVE-2014-8138: Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows
remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG
2000 file. This has been classified by the vendor as having a CVSSv2 score of 7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P)

CVE-2014-8157: Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows
remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG
2000 image, which triggers a heap-based buffer overflow. This has been classified by the vendor as having a
CVSSv2 score of 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVE-2014-8158: Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote
attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000
image. This has been classified by the vendor as having a CVSSv2 score of 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)

CVE-2014-9447: Directory traversal vulnerability in the read_long_names function in libelf/elf_begin.c in
elfutils 0.152 and 0.161 allows remote attackers to write to arbitrary files to the root directory via a /
(slash) in a crafted archive, as demonstrated using the ar program. This has been classified by the vendor as
having a CVSSv2 score of 6.4 (AV:N/AC:L/AU:N/C:N/I:P/A:P)

This bug was opened to address the potential impact on this product.

Conditions:
Running version of the software prior to the Known Fixed Releases.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.