VYPR
Unrated severityNVD Advisory· Published Dec 8, 2014· Updated Jun 17, 2026

CVE-2014-9029

CVE-2014-9029

Description

Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

19

News mentions

0

No linked articles in our index yet.