CVE-2019-6988
https://notcve.org/view.php?id=CVE-2019-6988
An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers to cause a denial of service (attempted excessive memory allocation) in opj_calloc in openjp2/opj_malloc.c, when called from opj_tcd_init_tile in openjp2/tcd.c, as demonstrated by the 64-bit opj_decompress. • http://www.securityfocus.com/bid/106785 https://github.com/uclouvain/openjpeg/issues/1178 • CWE-770: Allocation of Resources Without Limits or Throttling
CVE-2018-18088
https://notcve.org/view.php?id=CVE-2018-18088
OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c. • https://github.com/uclouvain/openjpeg/issues/1152 https://lists.debian.org/debian-lts-announce/2018/11/msg00018.html https://usn.ubuntu.com/4109-1 https://www.debian.org/security/2019/dsa-4405 • CWE-476: NULL Pointer Dereference
CVE-2018-16375
https://notcve.org/view.php?id=CVE-2018-16375
An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow. • http://www.securityfocus.com/bid/105266 https://github.com/uclouvain/openjpeg/issues/1126 • CWE-787: Out-of-bounds Write
CVE-2018-16376
https://notcve.org/view.php?id=CVE-2018-16376
An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact. • http://www.securityfocus.com/bid/105262 https://github.com/uclouvain/openjpeg/issues/1127 • CWE-787: Out-of-bounds Write
CVE-2018-14423
https://notcve.org/view.php?id=CVE-2018-14423
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash). • https://github.com/uclouvain/openjpeg/issues/1123 https://lists.debian.org/debian-lts-announce/2018/12/msg00013.html https://usn.ubuntu.com/4109-1 https://www.debian.org/security/2019/dsa-4405 • CWE-369: Divide By Zero