CVE-2016-4796

Опубликовано: 06 мая 2016

Источник: redhat

CVSS2: 6.8

Описание

Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	openjpeg	Not affected
Red Hat Enterprise Linux 7	openjpeg	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-228->CWE-122

Дефект:

CWE-125

https://bugzilla.redhat.com/show_bug.cgi?id=1335482openjpeg: Heap buffer overflow in function color_cmyk_to_rgb in color.c

6.8 Medium

CVSS2

Связанные уязвимости

CVE-2016-4796

CVSS3: 5.5

ubuntu

около 9 лет назад

Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file.

CVE-2016-4796

CVSS3: 5.5

nvd

около 9 лет назад

Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file.

CVE-2016-4796

CVSS3: 5.5

debian

около 9 лет назад

Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c ...

GHSA-2mcf-r7v5-r97j

CVSS3: 5.5

github

больше 3 лет назад

Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file.

6.8 Medium

CVSS2