Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-4013-1:DCD18
HistoryOct 31, 2017 - 10:01 p.m.

[SECURITY] [DSA 4013-1] openjpeg2 security update

2017-10-3122:01:32
lists.debian.org
15

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.007 Low

EPSS

Percentile

79.6%

JSON

Debian Security Advisory DSA-4013-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
October 31, 2017 https://www.debian.org/security/faq

Package : openjpeg2
CVE ID : CVE-2016-1628 CVE-2016-5152 CVE-2016-5157 CVE-2016-9118
CVE-2016-10504 CVE-2017-14039 CVE-2017-14040
CVE-2017-14041 CVE-2017-14151 CVE-2017-14152

Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression /
decompression library, may result in denial of service or the execution
of arbitrary code if a malformed JPEG 2000 file is processed.

For the oldstable distribution (jessie), these problems have been fixed
in version 2.1.0-2+deb8u3.

For the stable distribution (stretch), these problems have been fixed in
version 2.1.2-1.1+deb9u2.

We recommend that you upgrade your openjpeg2 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian9armellibopenjp2-7-dev< 2.1.2-1.1+deb9u2libopenjp2-7-dev_2.1.2-1.1+deb9u2_armel.deb
Debian9armellibopenjpip-server< 2.1.2-1.1+deb9u2libopenjpip-server_2.1.2-1.1+deb9u2_armel.deb
Debian8ppc64ellibopenjp2-7-dev< 2.1.0-2+deb8u3+b1libopenjp2-7-dev_2.1.0-2+deb8u3+b1_ppc64el.deb
Debian8kfreebsd-i386libopenjpip-server< 2.1.0-2+deb8u3+b1libopenjpip-server_2.1.0-2+deb8u3+b1_kfreebsd-i386.deb
Debian8mipsellibopenjp3d-tools< 2.1.0-2+deb8u3+b1libopenjp3d-tools_2.1.0-2+deb8u3+b1_mipsel.deb
Debian9armellibopenjp2-tools< 2.1.2-1.1+deb9u2libopenjp2-tools_2.1.2-1.1+deb9u2_armel.deb
Debian8arm64libopenjp2-7-dbg< 2.1.0-2+deb8u3+b1libopenjp2-7-dbg_2.1.0-2+deb8u3+b1_arm64.deb
Debian8kfreebsd-amd64libopenjpip-dec-server< 2.1.0-2+deb8u3+b1libopenjpip-dec-server_2.1.0-2+deb8u3+b1_kfreebsd-amd64.deb
Debian8mipslibopenjpip7< 2.1.0-2+deb8u3+b1libopenjpip7_2.1.0-2+deb8u3+b1_mips.deb
Debian9amd64libopenjpip7< 2.1.2-1.1+deb9u2libopenjpip7_2.1.2-1.1+deb9u2_amd64.deb
Rows per page:
1-10 of 2021

Related

nessus 38
openvas 28
osv 10
fedora 10
mageia 5
slackware 1
redhatcve 15
veracode 6
prion 11
ubuntucve 12
cve 11
zdt 1
debiancve 11
alpinelinux 6
zdi 1
hackerone 1
freebsd 2
gentoo 3
chrome 2
debian 4
archlinux 1
threatpost 1
suse 8
redhat 1
kaspersky 1
nessus
nessus
Debian DSA-4013-1 : openjpeg2 - security update
2017-11-02 00:00:00
Fedora 25 : mingw-openjpeg2 (2017-f7a73de98d)
2017-09-11 00:00:00
Fedora 25 : openjpeg2 (2017-f285db3668)
2017-09-11 00:00:00
openvas
openvas
Debian Security Advisory DSA 4013-1 (openjpeg2 - security update)
2017-10-31 00:00:00
Fedora Update for openjpeg2 FEDORA-2017-5a3cd21cee
2017-09-07 00:00:00
Fedora Update for mingw-openjpeg2 FEDORA-2017-43390e73b1
2017-09-12 00:00:00
osv
osv
openjpeg2 - security update
2017-10-31 00:00:00
CVE-2016-10504
2017-08-30 09:29:00
CVE-2017-14151
2017-09-05 16:29:00
fedora
fedora
[SECURITY] Fedora 25 Update: mingw-openjpeg2-2.2.0-3.fc25
2017-09-11 02:26:15
[SECURITY] Fedora 25 Update: openjpeg2-2.2.0-3.fc25
2017-09-11 02:26:13
[SECURITY] Fedora 26 Update: openjpeg2-2.2.0-3.fc26
2017-09-06 14:53:48
mageia
mageia
Updated openjpeg2 packages fix security vulnerability
2017-12-31 18:14:43
Updated openjpeg2 packages fix security vulnerabilities
2017-02-19 00:50:00
Updated openjpeg2 packages fix security vulnerabilities
2016-11-03 12:02:50
slackware
slackware
[slackware-security] openjpeg
2017-10-06 06:34:10
redhatcve
redhatcve
CVE-2017-14151
2017-09-06 08:20:35
CVE-2016-10504
2017-08-31 18:18:54
CVE-2017-14039
2017-09-01 21:49:11
veracode
veracode
Buffer Overflow
2019-07-09 06:49:52
Arbitrary Code Execution
2020-05-10 23:22:28
Remote Code Execution
2020-05-10 23:28:23
prion
prion
Heap overflow
2017-08-30 09:29:00
Heap overflow
2017-09-05 16:29:00
Heap overflow
2016-10-30 22:59:00
ubuntucve
ubuntucve
CVE-2016-10504
2017-08-30 00:00:00
CVE-2017-14151
2017-09-05 00:00:00
CVE-2017-14039
2017-08-30 00:00:00
cve
cve
CVE-2016-10504
2017-08-30 09:29:00
CVE-2017-14151
2017-09-05 16:29:00
CVE-2017-14039
2017-08-30 22:29:00
zdt
zdt
OpenJPEG - mqc.c Heap-Based Buffer Overflow Exploit
2017-09-02 00:00:00
debiancve
debiancve
CVE-2016-10504
2017-08-30 09:29:00
CVE-2017-14151
2017-09-05 16:29:00
CVE-2017-14152
2017-09-05 16:29:00
alpinelinux
alpinelinux
CVE-2017-14151
2017-09-05 16:29:00
CVE-2017-14039
2017-08-30 22:29:00
CVE-2017-14041
2017-08-30 22:29:00
zdi
zdi
Google Chrome Pdfium JPEG2000 Out-Of-Bounds Read Remote Code Execution Vulnerability
2016-02-18 00:00:00
hackerone
hackerone
Internet Bug Bounty: CVE-2016-5157 OpenJPEG opj_dwt_interleave_v Out-of-Bounds Write Vulnerability
2016-09-11 06:05:15
freebsd
freebsd
openjpeg -- multiple vulnerabilities
2016-09-08 00:00:00
chromium -- multiple vulnerabilities
2016-08-31 00:00:00
gentoo
gentoo
OpenJPEG: Multiple vulnerabilities
2017-10-23 00:00:00
Chromium: Multiple vulnerabilities
2016-10-29 00:00:00
Chromium: Multiple vulnerabilities
2016-03-12 00:00:00
chrome
chrome
Stable Channel Update
2016-02-09 00:00:00
Stable Channel Update for Desktop
2016-08-31 00:00:00
debian
debian
[SECURITY] [DSA 3486-1] chromium-browser security update
2016-02-21 21:56:37
[SECURITY] [DSA 3486-1] chromium-browser security update
2016-02-21 21:56:37
[SECURITY] [DSA 3660-1] chromium-browser security update
2016-09-05 23:18:22
archlinux
archlinux
chromium: multiple issues
2016-09-01 00:00:00
threatpost
threatpost
Chrome 53 Fixes Address Spoofing Vulnerability, 32 Other Bugs
2016-09-01 11:52:59
suse
suse
Security update for Chromium (important)
2016-09-13 13:09:18
Security update for Chromium (important)
2016-09-06 21:09:12
Security update for Chromium (important)
2016-09-06 21:08:26
redhat
redhat
(RHSA-2016:1854) Important: chromium-browser security update
2016-09-12 19:28:55
kaspersky
kaspersky
KLA10865 Multiple vulnerabilities in Google Chrome
2016-08-31 00:00:00

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.007 Low

EPSS

Percentile

79.6%

JSON
Related for DEBIAN:DSA-4013-1:DCD18
nessus38openvas28osv10fedora10mageia5slackware1redhatcve15veracode6prion11ubuntucve12cve11zdt1debiancve11alpinelinux6zdi1hackerone1freebsd2gentoo3chrome2debian4archlinux1threatpost1suse8redhat1kaspersky1