CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9114
https://notcve.org/view.php?id=CVE-2016-9114
There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service. Hay un acceso a puntero NULL en la función imagetopnm de convert.c:1943(jp2) de OpenJPEG 2.1.2. image->comps[compno].data no se asigna un valor después de la inicialización (NULL). El impacto es de denegación de servicio. • http://www.securityfocus.com/bid/93979 https://github.com/uclouvain/openjpeg/issues/857 https://security.gentoo.org/glsa/201710-26 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9115
https://notcve.org/view.php?id=CVE-2016-9115
Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file. Sobre lectura de búfer basado en memoria dinámica en la función imagetotga de convert.c(jp2):942 en OpenJPEG 2.1.2. El impacto es de denegación de servicio. • http://www.securityfocus.com/bid/93977 https://github.com/uclouvain/openjpeg/issues/858 https://security.gentoo.org/glsa/201710-26 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9118
https://notcve.org/view.php?id=CVE-2016-9118
Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2. Desbordamiento de búfer basado en memoria dinámica (WRITE de tamaño 4) en la función pnmtoimage de convert.c:1719 en OpenJPEG 2.1.2. • http://www.debian.org/security/2017/dsa-4013 http://www.securityfocus.com/bid/93976 https://github.com/uclouvain/openjpeg/issues/861 https://security.gentoo.org/glsa/201710-26 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9112
https://notcve.org/view.php?id=CVE-2016-9112
Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG 2.1.2. Floating Point Exception (también conocido como FPE o dividir entre cero) en la función opj_pi_next_cprl en openjp2/pi.c:523 en OpenJPEG 2.1.2. • http://www.securityfocus.com/bid/93978 https://github.com/uclouvain/openjpeg/issues/855 https://lists.debian.org/debian-lts-announce/2019/07/msg00010.html https://security.gentoo.org/glsa/201710-26 https://www.oracle.com/security-alerts/cpujul2020.html • CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 3%CPEs: 1EXPL: 1CVE-2016-8332
https://notcve.org/view.php?id=CVE-2016-8332
A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. An exploitable code execution vulnerability exists in the jpeg2000 image file format parser as implemented in the OpenJpeg library. A specially crafted jpeg2000 file can cause an out of bound heap write resulting in heap corruption leading to arbitrary code execution. For a successful attack, the target user needs to open a malicious jpeg2000 file. The jpeg2000 image file format is mostly used for embedding images inside PDF documents and the OpenJpeg library is used by a number of popular PDF renderers making PDF documents a likely attack vector. • http://www.debian.org/security/2017/dsa-3768 http://www.securityfocus.com/bid/93242 http://www.securitytracker.com/id/1038623 http://www.talosintelligence.com/reports/TALOS-2016-0193 https://github.com/uclouvain/openjpeg/releases/tag/v2.1.2 https://www.oracle.com/security-alerts/cpujul2020.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •