CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-4796
https://notcve.org/view.php?id=CVE-2016-4796
03 Feb 2017 — Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file. Desbordamiento de búfer basado en memoria dinámica en el color_cmyk_to_rgb en common/color.c en OpenJPEG en versiones anteriores a 2.1.1 permite a atacantes remotos ocasionar una denegación de servicio (caída) a través de un archivo .j2k manipulado. • http://www.openwall.com/lists/oss-security/2016/05/13/2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2016-9675 – openjpeg: incorrect fix for CVE-2013-6045
https://notcve.org/view.php?id=CVE-2016-9675
22 Dec 2016 — openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code. openjpeg: Se ha descubierto un fallo de desbordamiento de búfer basado en memoria dinámica en el parche para CVE-2013-6045. Una imagen j2k manipulada puede provocar la caída de la aplicación, o potencialmente ejecutar código arbitrario. A vulnerability was found in the patch for CVE-2013-6045 for OpenJPEG. A specially crafted J... • http://rhn.redhat.com/errata/RHSA-2017-0559.html • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3183 – Gentoo Linux Security Advisory 201612-26
https://notcve.org/view.php?id=CVE-2016-3183
08 Dec 2016 — The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg2000 file. La función sycc422_t_rgb en common/color.c en OpenJPEG en versiones anteriores a 2.1.1 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo jpeg2000 manipulado. Multiple vulnerabilities have been found in OpenJPEG, the worst of which may allow execution of arbitrary code. Versi... • http://www.openwall.com/lists/oss-security/2016/03/16/17 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3182 – Gentoo Linux Security Advisory 201612-26
https://notcve.org/view.php?id=CVE-2016-3182
08 Dec 2016 — The color_esycc_to_rgb function in bin/common/color.c in OpenJPEG before 2.1.1 allows attackers to cause a denial of service (memory corruption) via a crafted jpeg 2000 file. La función color_esycc_to_rgb en el archivo bin/common/color.c en OpenJPEG versiones anteriores a 2.1.1, permite a atacantes causar una denegación de servicio (corrupción de memoria) por medio de un archivo jpeg 2000 diseñado. Multiple vulnerabilities have been found in OpenJPEG, the worst of which may allow execution of arbitrary code... • http://www.openwall.com/lists/oss-security/2016/03/16/16 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9113 – Gentoo Linux Security Advisory 201710-26
https://notcve.org/view.php?id=CVE-2016-9113
30 Oct 2016 — There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service. Hay una referencia a puntero NULL en la función imagetobmp de convertbmp.c:980 de OpenJPEG 2.1.2. image->comps[0].data no se asigna un valor después de la inicialización (NULL). El impacto es de denegación de servicio. Multiple vulnerabilities have been found in OpenJPEG, the worst of which may allow remote att... • http://www.securityfocus.com/bid/93980 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9114 – Gentoo Linux Security Advisory 201710-26
https://notcve.org/view.php?id=CVE-2016-9114
30 Oct 2016 — There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service. Hay un acceso a puntero NULL en la función imagetopnm de convert.c:1943(jp2) de OpenJPEG 2.1.2. image->comps[compno].data no se asigna un valor después de la inicialización (NULL). El impacto es de denegación de servicio. Multiple vulnerabilities have been found in OpenJPEG, the worst of which may allow remo... • http://www.securityfocus.com/bid/93979 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9115 – Gentoo Linux Security Advisory 201710-26
https://notcve.org/view.php?id=CVE-2016-9115
30 Oct 2016 — Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file. Sobre lectura de búfer basado en memoria dinámica en la función imagetotga de convert.c(jp2):942 en OpenJPEG 2.1.2. El impacto es de denegación de servicio. • http://www.securityfocus.com/bid/93977 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9116 – Gentoo Linux Security Advisory 201710-26
https://notcve.org/view.php?id=CVE-2016-9116
30 Oct 2016 — NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file. Acceso a puntero NULL en la función imagetopnm de convert.c:2226(jp2) en OpenJPEG 2.1.2. El impacto es de denegación de servicio. • http://www.securityfocus.com/bid/93975 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9117 – Gentoo Linux Security Advisory 201710-26
https://notcve.org/view.php?id=CVE-2016-9117
30 Oct 2016 — NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file. Acceso a puntero NULL en la función imagetopnm de convert.c(jp2):1289 en OpenJPEG 2.1.2. El impacto es de denegación de servicio. • http://www.securityfocus.com/bid/93783 • CWE-476: NULL Pointer Dereference •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9118 – Gentoo Linux Security Advisory 201710-26
https://notcve.org/view.php?id=CVE-2016-9118
30 Oct 2016 — Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2. Desbordamiento de búfer basado en memoria dinámica (WRITE de tamaño 4) en la función pnmtoimage de convert.c:1719 en OpenJPEG 2.1.2. Multiple vulnerabilities have been found in OpenJPEG, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 2.3.0:2 are affected. • http://www.debian.org/security/2017/dsa-4013 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •