Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2016-1645

Опубликовано: 13 мар. 2016
Источник: nvd
CVSS3: 8.8
CVSS2: 9.3
EPSS Низкий

Описание

Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspecified other impact via crafted JPEG 2000 data.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Версия до 49.0.2623.75 (включая)
Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*

EPSS

Процентиль: 84%
0.02189
Низкий

8.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

ubuntu логотип

CVE-2016-1645

CVSS3: 8.8
ubuntu
почти 10 лет назад

Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspecified other impact via crafted JPEG 2000 data.

redhat логотип

CVE-2016-1645

redhat
почти 10 лет назад

Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspecified other impact via crafted JPEG 2000 data.

debian логотип

CVE-2016-1645

CVSS3: 8.8
debian
почти 10 лет назад

Multiple integer signedness errors in the opj_j2k_update_image_data fu ...

github логотип

GHSA-gp2j-hgg9-c57v

CVSS3: 8.8
github
больше 3 лет назад

Multiple integer signedness errors in the opj_j2k_update_image_data function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 49.0.2623.87, allow remote attackers to cause a denial of service (incorrect cast and out-of-bounds write) or possibly have unspecified other impact via crafted JPEG 2000 data.

fstec логотип

BDU:2016-00768

fstec
почти 10 лет назад

Уязвимости браузера Google Chrome, позволяющие нарушителю вызвать отказ в обслуживании или оказать другое воздействие

EPSS

Процентиль: 84%
0.02189
Низкий

8.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-119