[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

RHSA-2017:0838-01 -- Redhat openjpeg

ID: oval:org.secpod.oval:def:502008Date: (C)2017-03-24   (M)2023-12-20
Class: PATCHFamily: unix




OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Security Fix: * Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code. * An out-of-bounds read vulnerability was found in OpenJPEG, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap. * A heap-based buffer overflow vulnerability was found in OpenJPEG. A specially crafted JPEG2000 image, when read by an application using OpenJPEG, could cause the application to crash or, potentially, execute arbitrary code. Red Hat would like to thank Liu Bingchang for reporting CVE-2016-9573. The CVE-2016-9675 issue was discovered by Doran Moppert .

Platform:
Red Hat Enterprise Linux 7
Product:
openjpeg
Reference:
RHSA-2017:0838-01
CVE-2016-5139
CVE-2016-5158
CVE-2016-5159
CVE-2016-7163
CVE-2016-9573
CVE-2016-9675
CVE    6
CVE-2016-5139
CVE-2016-5159
CVE-2016-5158
CVE-2016-7163
...
CPE    2
cpe:/o:redhat:enterprise_linux:7
cpe:/a:openjpeg:openjpeg

© SecPod Technologies