CVE-2016-7163

Опубликовано: 21 сент. 2016

Источник: debian

EPSS Низкий

Описание

Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
openjpeg2	fixed	2.1.2-1		package

Примечания

https://github.com/uclouvain/openjpeg/commit/c16bc057ba3f125051c9966cf1f5b68a05681de4
https://github.com/uclouvain/openjpeg/commit/ef01f18dfc6780b776d0674ed3e7415c6ef54d24

EPSS

Процентиль: 56%

0.00337

Низкий

Связанные уязвимости

CVE-2016-7163

CVSS3: 7.8

ubuntu

около 9 лет назад

Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.

CVE-2016-7163

CVSS3: 4.4

redhat

около 9 лет назад

Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.

CVE-2016-7163

CVSS3: 7.8

nvd

около 9 лет назад

Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.

GHSA-jm4f-49x7-642p

CVSS3: 7.8

github

больше 3 лет назад

Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.

openSUSE-SU-2017:2186-1

suse-cvrf

около 8 лет назад

Security update for openjpeg2

EPSS

Процентиль: 56%

0.00337

Низкий