Download
| Alert*
|
oval:org.secpod.oval:def:1802019
jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice. oval:org.secpod.oval:def:1801270 CVE-2018-14423: Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service . oval:org.secpod.oval:def:1801268 CVE-2018-14423: Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service . oval:org.secpod.oval:def:1801269 CVE-2018-14423: Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service . oval:org.secpod.oval:def:2105074 In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. oval:org.secpod.oval:def:3300715 SUSE Security Update: Security update for openjpeg2 oval:org.secpod.oval:def:2001318 In OpenJPEG 2.3.0, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. oval:org.secpod.oval:def:115676 The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains * JPEG 2000 codec compliant with the Part 1 of the standard . * JP2 oval:org.secpod.oval:def:115672 MinGW Windows openjpeg2 library. oval:org.secpod.oval:def:2105004 Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:115685 MinGW Windows openjpeg2 library. oval:org.secpod.oval:def:115684 The OpenJPEG library is an open-source JPEG 2000 library developed in order to promote the use of JPEG 2000. This package contains * JPEG 2000 codec compliant with the Part 1 of the standard . * JP2 oval:org.secpod.oval:def:89047479 This update for openjpeg2 fixes the following issues: - CVE-2018-5727: Fixed integer overflow vulnerability in theopj_t1_encode_cblks function . - CVE-2018-5785: Fixed integer overflow caused by an out-of-bounds leftshift in the opj_j2k_setup_encoder function . - CVE-2018-6616: Fixed excessive itera ... oval:org.secpod.oval:def:89046233 This update for openjpeg2 fixes the following issues: - CVE-2018-5727: Fixed integer overflow vulnerability in theopj_t1_encode_cblks function . - CVE-2018-5785: Fixed integer overflow caused by an out-of-bounds leftshift in the opj_j2k_setup_encoder function . - CVE-2018-6616: Fixed excessive itera ... oval:org.secpod.oval:def:705142 openjpeg2: JPEG 2000 image compression/decompression library Several security issues were fixed in OpenJPEG. oval:org.secpod.oval:def:603821 Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, that could be leveraged to cause a denial of service or possibly remote code execution. CVE-2017-17480 Write stack buffer overflow in the jp3d and jpwl codecs can result in a denial of service or remote code ... oval:org.secpod.oval:def:58379 openjpeg2: JPEG 2000 image compression/decompression library Several security issues were fixed in OpenJPEG. oval:org.secpod.oval:def:53532 Multiple vulnerabilities have been discovered in openjpeg2, the open-source JPEG 2000 codec, that could be leveraged to cause a denial of service or possibly remote code execution. CVE-2017-17480 Write stack buffer overflow in the jp3d and jpwl codecs can result in a denial of service or remote code ... |
