cpe:/a:openjpeg:openjpeg:2.1.2 cpe:/o:debian:debian_linux:8.0 cpe:/o:redhat:enterprise_linux_desktop:7.0 cpe:/o:redhat:enterprise_linux_server:7.0 cpe:/o:redhat:enterprise_linux_server_aus:7.3 cpe:/o:redhat:enterprise_linux_server_aus:7.4 cpe:/o:redhat:enterprise_linux_server_eus:7.3 cpe:/o:redhat:enterprise_linux_server_eus:7.4 cpe:/o:redhat:enterprise_linux_server_eus:7.5 cpe:/o:redhat:enterprise_linux_workstation:7.0 CVE-2016-9573 2018-08-01T02:29:00.537-04:00 2019-10-09T19:20:34.930-04:00 5.8 NETWORK MEDIUM NONE PARTIAL NONE PARTIAL http://nvd.nist.gov BID 97073 DEBIAN DSA-3768 GENTOO GLSA-201710-26 REDHAT RHSA-2017:0838 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9573 CONFIRM https://github.com/szukw000/openjpeg/commit/7b28bd2b723df6be09fe7791eba33147c1c47d0d CONFIRM https://github.com/uclouvain/openjpeg/issues/862 An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap.