CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9116 – Gentoo Linux Security Advisory 201710-26
https://notcve.org/view.php?id=CVE-2016-9116
30 Oct 2016 — NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file. Acceso a puntero NULL en la función imagetopnm de convert.c:2226(jp2) en OpenJPEG 2.1.2. El impacto es de denegación de servicio. • http://www.securityfocus.com/bid/93975 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9117 – Gentoo Linux Security Advisory 201710-26
https://notcve.org/view.php?id=CVE-2016-9117
30 Oct 2016 — NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file. Acceso a puntero NULL en la función imagetopnm de convert.c(jp2):1289 en OpenJPEG 2.1.2. El impacto es de denegación de servicio. • http://www.securityfocus.com/bid/93783 • CWE-476: NULL Pointer Dereference •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9118 – Gentoo Linux Security Advisory 201710-26
https://notcve.org/view.php?id=CVE-2016-9118
30 Oct 2016 — Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2. Desbordamiento de búfer basado en memoria dinámica (WRITE de tamaño 4) en la función pnmtoimage de convert.c:1719 en OpenJPEG 2.1.2. Multiple vulnerabilities have been found in OpenJPEG, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 2.3.0:2 are affected. • http://www.debian.org/security/2017/dsa-4013 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9112 – Ubuntu Security Notice USN-4497-1
https://notcve.org/view.php?id=CVE-2016-9112
29 Oct 2016 — Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG 2.1.2. Floating Point Exception (también conocido como FPE o dividir entre cero) en la función opj_pi_next_cprl en openjp2/pi.c:523 en OpenJPEG 2.1.2. It was discovered that OpenJPEG incorrectly handled certain image files. A remote attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJPEG did not properly handle certain input. • http://www.securityfocus.com/bid/93978 • CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 1CVE-2016-7163 – openjpeg: Integer overflow in opj_pi_create_decode
https://notcve.org/view.php?id=CVE-2016-7163
21 Sep 2016 — Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write. Desbordamiento de entero en la función opj_pi_create_decode en pi.c en OpenJPEG permite a atacantes remotos ejecutar código arbitrario a través de un archivo JP2 manipulado, lo que desencadena una lectura o escritura fuera de límites. An integer overflow, leading to a heap buffer overflow, was found in OpenJPEG. An ... • http://rhn.redhat.com/errata/RHSA-2017-0559.html • CWE-190: Integer Overflow or Wraparound •