NotCVE - vendor:"Uclouvain" product:"Openjpeg" version:"

Page 3 of 63 results (0.011 seconds)

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 2

CVE-2015-1239

https://notcve.org/view.php?id=CVE-2015-1239

18 Oct 2017 — Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF. Vulnerabilidad de doble liberación (double free) en la función j2k_read_ppm_v3 en OpenJPEG en versiones anteriores a la r2997, tal y como se emplea en PDFium en Google Chrome, permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado del proceso) mediante un PDF manipulado. • https://bugs.chromium.org/p/chromium/issues/detail?id=430891 • CWE-415: Double Free •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2017-14164 – Gentoo Linux Security Advisory 201710-26

https://notcve.org/view.php?id=CVE-2017-14164

06 Sep 2017 — A size-validation issue was discovered in opj_j2k_write_sot in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_write_bytes_LE in lib/openjp2/cio.c) or possibly remote code execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-14152. Existe un error de validación de tamaño en opj_j2k_write_sot en lib/openjp2/j2k.c en OpenJPEG 2.2.0. La vulnerabilidad da lug... • http://www.securityfocus.com/bid/100677 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0

CVE-2017-14151

https://notcve.org/view.php?id=CVE-2017-14151

05 Sep 2017 — An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_data in lib/openjp2/tcd.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_mqc_flush in lib/openjp2/mqc.c and opj_t1_encode_cblk in lib/openjp2/t1.c) or possibly remote code execution. Se ha descubierto un error por un paso (off-by-one) en opj_tcd_code_block_enc_allocate_data en lib/openjp2/tcd.c en OpenJPEG 2.2.0. La vulnerabilidad da ... • http://www.debian.org/security/2017/dsa-4013 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0

CVE-2017-14152

https://notcve.org/view.php?id=CVE-2017-14152

05 Sep 2017 — A mishandled zero case was discovered in opj_j2k_set_cinema_parameters in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_write_bytes_LE in lib/openjp2/cio.c and opj_j2k_write_sot in lib/openjp2/j2k.c) or possibly remote code execution. Se ha descubierto un caso de un valor cero que no se maneja correctamente en opj_j2k_set_cinema_parameters en lib/openjp2/j2k.c en OpenJPEG 2.2.0. La vu... • http://www.debian.org/security/2017/dsa-4013 • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0

CVE-2017-14041

https://notcve.org/view.php?id=CVE-2017-14041

30 Aug 2017 — A stack-based buffer overflow was discovered in the pgxtoimage function in bin/jp2/convert.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution. Se descubrió una vulnerabilidad de desbordamiento de búfer basado en pila en la función pgxtoimage en bin/jp2/convert.c en OpenJPEG 2.2.0. La vulnerabilidad provoca una escritura fuera de límites, lo que puede provocar una denegación de servicio o posiblemente una ejecució... • http://www.debian.org/security/2017/dsa-4013 • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 1%CPEs: 3EXPL: 0

CVE-2017-14040

https://notcve.org/view.php?id=CVE-2017-14040

30 Aug 2017 — An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability may lead to remote denial of service or possibly unspecified other impact. Se descubrió un acceso de escritura no válido en bin/jp2/convert.c en OpenJPEG 2.2.0 desencadenando un fallo en la función tgatoimage. La vulnerabilidad puede provocar una denegación de servicio o posiblemente otro impacto no especificado. • http://www.debian.org/security/2017/dsa-4013 • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 2%CPEs: 3EXPL: 0

CVE-2017-14039 – Gentoo Linux Security Advisory 201710-26

https://notcve.org/view.php?id=CVE-2017-14039

30 Aug 2017 — A heap-based buffer overflow was discovered in the opj_t2_encode_packet function in lib/openjp2/t2.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact. Se descubrió una vulnerabilidad de desbordamiento de búfer basado en montículos en la función opj_t2_encode_packet en lib/openjp2/t2.c en OpenJPEG 2.2.0. La vulnerabilidad provoca una escritura fuera de límites, lo que puede provocar una denegación de servicio o... • http://www.debian.org/security/2017/dsa-4013 • CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-10507 – Gentoo Linux Security Advisory 201710-26

https://notcve.org/view.php?id=CVE-2016-10507

30 Aug 2017 — Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted bmp file. Una vulnerabilidad de desbordamiento de enteros en la función bmp24toimage de convertbmp.c en OpenJPEG en versiones anteriores a la 2.2.0 permite que atacantes remotos provoquen una denegación de servicio (sobrelectura de búfer basada en montículos y fallo de aplicación) mediante u... • http://www.securityfocus.com/bid/100567 • CWE-190: Integer Overflow or Wraparound •

CVSS: 6.5EPSS: 1%CPEs: 1EXPL: 0

CVE-2016-10506 – Gentoo Linux Security Advisory 201710-26

https://notcve.org/view.php?id=CVE-2016-10506

30 Aug 2017 — Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files. Existen vulnerabilidades de división entre cero en las funciones opj_pi_next_cprl, opj_pi_next_pcrl y opj_pi_next_rpcl de pi.c en OpenJPEG en versiones anteriores a la 2.2.0 permite que atacantes remotos provoquen una denegación de servicio (fallo de servicio) mediante archivo... • http://www.securityfocus.com/bid/100573 • CWE-369: Divide By Zero •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2016-10505 – Gentoo Linux Security Advisory 201710-26

https://notcve.org/view.php?id=CVE-2016-10505

30 Aug 2017 — NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files. Existen vulnerabilidades de desreferencia de puntero NULL en las funciones imagetopnm en convert.c, sycc444_to_rgb en color.c, color_esycc_to_rgb en color.c y sycc422_to_rgb en color.c para OpenJ... • https://github.com/uclouvain/openjpeg/issues/776 • CWE-476: NULL Pointer Dereference •

1 2 3 4 5