CVE-2016-9675

Опубликовано: 26 сент. 2016

Источник: redhat

CVSS3: 7.5

CVSS2: 6.8

Описание

openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code.

A vulnerability was found in the patch for CVE-2013-6045 for OpenJPEG. A specially crafted JPEG2000 image, when read by an application using OpenJPEG, could cause heap-based buffer overflows leading to a crash or possible code execution.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-122

https://bugzilla.redhat.com/show_bug.cgi?id=1382202openjpeg: incorrect fix for CVE-2013-6045

7.5 High

CVSS3

6.8 Medium

CVSS2

Связанные уязвимости

CVE-2016-9675

CVSS3: 7.8

ubuntu

почти 9 лет назад

openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code.

CVE-2016-9675

CVSS3: 7.8

nvd

почти 9 лет назад

openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code.

CVE-2016-9675

CVSS3: 7.8

debian

почти 9 лет назад

openjpeg: A heap-based buffer overflow flaw was found in the patch for ...

GHSA-6xgj-8663-75f9

CVSS3: 7.8

github

больше 3 лет назад

openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code.

ELSA-2017-0559

oracle-oval

больше 8 лет назад

ELSA-2017-0559: openjpeg security update (MODERATE)

7.5 High

CVSS3

6.8 Medium

CVSS2