CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3183 – Gentoo Linux Security Advisory 201612-26
https://notcve.org/view.php?id=CVE-2016-3183
08 Dec 2016 — The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg2000 file. La función sycc422_t_rgb en common/color.c en OpenJPEG en versiones anteriores a 2.1.1 permite a atacantes remotos provocar una denegación de servicio (lectura fuera de límites) a través de un archivo jpeg2000 manipulado. Multiple vulnerabilities have been found in OpenJPEG, the worst of which may allow execution of arbitrary code. Versi... • http://www.openwall.com/lists/oss-security/2016/03/16/17 • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3182 – Gentoo Linux Security Advisory 201612-26
https://notcve.org/view.php?id=CVE-2016-3182
08 Dec 2016 — The color_esycc_to_rgb function in bin/common/color.c in OpenJPEG before 2.1.1 allows attackers to cause a denial of service (memory corruption) via a crafted jpeg 2000 file. La función color_esycc_to_rgb en el archivo bin/common/color.c en OpenJPEG versiones anteriores a 2.1.1, permite a atacantes causar una denegación de servicio (corrupción de memoria) por medio de un archivo jpeg 2000 diseñado. Multiple vulnerabilities have been found in OpenJPEG, the worst of which may allow execution of arbitrary code... • http://www.openwall.com/lists/oss-security/2016/03/16/16 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9113 – Gentoo Linux Security Advisory 201710-26
https://notcve.org/view.php?id=CVE-2016-9113
30 Oct 2016 — There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service. Hay una referencia a puntero NULL en la función imagetobmp de convertbmp.c:980 de OpenJPEG 2.1.2. image->comps[0].data no se asigna un valor después de la inicialización (NULL). El impacto es de denegación de servicio. Multiple vulnerabilities have been found in OpenJPEG, the worst of which may allow remote att... • http://www.securityfocus.com/bid/93980 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9114 – Gentoo Linux Security Advisory 201710-26
https://notcve.org/view.php?id=CVE-2016-9114
30 Oct 2016 — There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service. Hay un acceso a puntero NULL en la función imagetopnm de convert.c:1943(jp2) de OpenJPEG 2.1.2. image->comps[compno].data no se asigna un valor después de la inicialización (NULL). El impacto es de denegación de servicio. Multiple vulnerabilities have been found in OpenJPEG, the worst of which may allow remo... • http://www.securityfocus.com/bid/93979 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9115 – Gentoo Linux Security Advisory 201710-26
https://notcve.org/view.php?id=CVE-2016-9115
30 Oct 2016 — Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file. Sobre lectura de búfer basado en memoria dinámica en la función imagetotga de convert.c(jp2):942 en OpenJPEG 2.1.2. El impacto es de denegación de servicio. • http://www.securityfocus.com/bid/93977 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9116 – Gentoo Linux Security Advisory 201710-26
https://notcve.org/view.php?id=CVE-2016-9116
30 Oct 2016 — NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file. Acceso a puntero NULL en la función imagetopnm de convert.c:2226(jp2) en OpenJPEG 2.1.2. El impacto es de denegación de servicio. • http://www.securityfocus.com/bid/93975 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9117 – Gentoo Linux Security Advisory 201710-26
https://notcve.org/view.php?id=CVE-2016-9117
30 Oct 2016 — NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file. Acceso a puntero NULL en la función imagetopnm de convert.c(jp2):1289 en OpenJPEG 2.1.2. El impacto es de denegación de servicio. • http://www.securityfocus.com/bid/93783 • CWE-476: NULL Pointer Dereference •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9118 – Gentoo Linux Security Advisory 201710-26
https://notcve.org/view.php?id=CVE-2016-9118
30 Oct 2016 — Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2. Desbordamiento de búfer basado en memoria dinámica (WRITE de tamaño 4) en la función pnmtoimage de convert.c:1719 en OpenJPEG 2.1.2. Multiple vulnerabilities have been found in OpenJPEG, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 2.3.0:2 are affected. • http://www.debian.org/security/2017/dsa-4013 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2016-9112 – Ubuntu Security Notice USN-4497-1
https://notcve.org/view.php?id=CVE-2016-9112
29 Oct 2016 — Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG 2.1.2. Floating Point Exception (también conocido como FPE o dividir entre cero) en la función opj_pi_next_cprl en openjp2/pi.c:523 en OpenJPEG 2.1.2. It was discovered that OpenJPEG incorrectly handled certain image files. A remote attacker could possibly use this issue to cause a denial of service. It was discovered that OpenJPEG did not properly handle certain input. • http://www.securityfocus.com/bid/93978 • CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 1CVE-2016-8332
https://notcve.org/view.php?id=CVE-2016-8332
28 Oct 2016 — A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. An exploitable code execution vulnerability exists in the jpeg2000 image file format parser as implemented in the OpenJpeg library. A specially crafted jpeg2000 file can cause an out of bound heap write resulting in heap corruption leading to arbitrary code execution. For a successful attack, the target user needs to open a malicious jpeg2000 file. The jpeg2000 image file format is mostly used for embedding ima... • http://www.debian.org/security/2017/dsa-3768 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •