| CNNVD-ID编号 | CNNVD-202004-2157 |
| CVE编号 | CVE-2020-12268 |
| 发布时间 | 2020-04-26 |
| 更新时间 | 2020-09-07 |
| 漏洞类型 | 缓冲区错误 |
| 漏洞来源 | N/A |
| 危险等级 | 超危 |
| 威胁类型 | 远程 |
| 厂 商 | N/A |
Artifex Software jbig2dec是美国Artifex Software公司的一款JBIG2图像压缩格式的解??码器实现。
Artifex Software jbig2dec 0.18之前版本中的jbig2_image.c文件的‘jbig2_image_compose’函数存在缓冲区错误漏洞。攻击者可利用该漏洞执行任意代码或造成拒绝服务。
目前厂商已发布升级了Artifex Software jbig2dec 缓冲区错误漏洞的补丁,Artifex Software jbig2dec 缓冲区错误漏洞的补丁获取链接:
https://github.com/ArtifexSoftware/jbig2dec/commit/0726320a4b55078e9d8deb590e477d598b3da66e
来源:MISC
链接:https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=20332
来源:MISC
链接:https://github.com/ArtifexSoftware/jbig2dec/compare/0.17...0.18
来源:SUSE
链接:http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00034.html
来源:MISC
链接:https://github.com/ArtifexSoftware/jbig2dec/commit/0726320a4b55078e9d8deb590e477d598b3da66e
来源:nvd.nist.gov
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/158493/Red-Hat-Security-Advisory-2020-3043-01.html
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/158401/Red-Hat-Security-Advisory-2020-2897-01.html
来源:www.auscert.org.au
来源:packetstormsecurity.com
链接:https://packetstormsecurity.com/files/158445/Red-Hat-Security-Advisory-2020-2971-01.html
来源:www.auscert.org.au
来源:www.nsfocus.net
来源:vigilance.fr
链接:https://vigilance.fr/vulnerability/ghostscript-buffer-overflow-via-jbig2-image-compose-32210
来源:www.auscert.org.au
暂无