CVE-2016-9573

CVSS v3.1

8.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions OpenJPEG version 2.1.2

Description An out-of-bounds read issue was found in the j2k to image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap.

Recommendations For OpenJPEG version 2.1.2, consider updating to a newer version that contains a fix for this issue, as using a specially crafted JPEG2000 file could lead to application crashes or potential data disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALT-PU-2017-2084

CESA-2017_0838

CVE-2016-9573

DSA-3768-1

ELSA-2017-0838

MGASA-2016-0426

MGASA-2017-0122

OPENSUSE-SU-2017:2567-1

OPENSUSE-SU-2017_0155-1

OPENSUSE-SU-2017_0185-1

OPENSUSE-SU-2017_0207-1

RHSA-2017:0838

RHSA-2017_0838

SUSE-SU-2016:3270-1

Affected Products

Alt Linux

Centos

Openjpeg

Red Hat

Suse

CVE-2016-9573

Weakness Enumeration

Related Identifiers

Affected Products

References · 58