Lucene search

K

Openjpeg Security Vulnerabilities

cve
cve

CVE-2016-4797

Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE: this issue exists because of an incorrect fix for...

5.5CVSS

5.9AI Score

0.021EPSS

2017-02-03 04:59 PM
46
cve
cve

CVE-2016-9675

openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary...

7.8CVSS

8.1AI Score

0.171EPSS

2016-12-22 09:59 PM
44
cve
cve

CVE-2016-9118

Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG...

5.3CVSS

6.1AI Score

0.007EPSS

2016-10-30 10:59 PM
59
cve
cve

CVE-2016-9117

NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k...

6.5CVSS

6.5AI Score

0.001EPSS

2016-10-30 10:59 PM
29
cve
cve

CVE-2016-9116

NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k...

6.5CVSS

6.5AI Score

0.001EPSS

2016-10-30 10:59 PM
26
cve
cve

CVE-2016-9115

Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k...

6.5CVSS

6.6AI Score

0.001EPSS

2016-10-30 10:59 PM
31
cve
cve

CVE-2016-9114

There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of...

7.5CVSS

7.3AI Score

0.004EPSS

2016-10-30 10:59 PM
34
cve
cve

CVE-2016-9113

There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of...

7.5CVSS

7.3AI Score

0.004EPSS

2016-10-30 10:59 PM
34
cve
cve

CVE-2016-9112

Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG...

7.5CVSS

6.6AI Score

0.007EPSS

2016-10-29 10:59 AM
99
cve
cve

CVE-2016-8332

A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. An exploitable code execution vulnerability exists in the jpeg2000 image file format parser as implemented in the OpenJpeg library. A specially crafted jpeg2000 file can cause an out of bound heap...

7.8CVSS

8.6AI Score

0.03EPSS

2016-10-28 02:59 PM
62
4
cve
cve

CVE-2016-7445

convert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving the variable...

7.5CVSS

5.9AI Score

0.005EPSS

2016-10-03 04:09 PM
31
4
cve
cve

CVE-2016-7163

Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or...

7.8CVSS

8AI Score

0.012EPSS

2016-09-21 02:25 PM
53
cve
cve

CVE-2015-8871

Use-after-free vulnerability in the opj_j2k_write_mco function in j2k.c in OpenJPEG before 2.1.1 allows remote attackers to have unspecified impact via unknown...

9.8CVSS

6.5AI Score

0.011EPSS

2016-09-21 02:25 PM
48
4
cve
cve

CVE-2016-1924

The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000...

6.5CVSS

5.6AI Score

0.011EPSS

2016-01-27 08:59 PM
42
cve
cve

CVE-2016-1923

Heap-based buffer overflow in the opj_j2k_update_image_data function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000...

6.5CVSS

5.9AI Score

0.006EPSS

2016-01-27 08:59 PM
31
cve
cve

CVE-2013-6053

OpenJPEG 1.5.1 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds...

8.1AI Score

0.005EPSS

2014-04-27 10:55 PM
25
cve
cve

CVE-2013-6887

OpenJPEG 1.5.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger NULL pointer dereferences, division-by-zero, and other...

7.6AI Score

0.008EPSS

2014-04-27 08:55 PM
22
cve
cve

CVE-2013-4290

Stack-based buffer overflow in OpenJPEG before 1.5.2 allows remote attackers to have unspecified impact via unknown vectors to (1) lib/openjp3d/opj_jp3d_compress.c, (2) bin/jp3d/convert.c, or (3)...

8.9AI Score

0.013EPSS

2014-04-18 02:55 PM
18
cve
cve

CVE-2013-4289

Multiple integer overflows in lib/openjp3d/jp3d.c in OpenJPEG before 1.5.2 allow remote attackers to have unspecified impact and vectors, which trigger a heap-based buffer...

8.8AI Score

0.007EPSS

2014-04-18 02:55 PM
18
cve
cve

CVE-2013-6052

OpenJPEG 1.3 and earlier allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds...

7.6AI Score

0.004EPSS

2013-12-12 06:55 PM
34
cve
cve

CVE-2013-6054

Heap-based buffer overflow in OpenJPEG 1.3 has unspecified impact and remote vectors, a different vulnerability than...

7.9AI Score

0.171EPSS

2013-12-12 06:55 PM
29
cve
cve

CVE-2013-6045

Multiple heap-based buffer overflows in OpenJPEG 1.3 and earlier might allow remote attackers to execute arbitrary code via unspecified...

8.1AI Score

0.171EPSS

2013-12-12 06:55 PM
39
cve
cve

CVE-2013-1447

OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of service (memory consumption or crash) via unspecified vectors related to NULL pointer dereferences, division-by-zero, and other...

7.7AI Score

0.015EPSS

2013-12-12 06:55 PM
29
cve
cve

CVE-2012-3535

Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000...

7.8AI Score

0.045EPSS

2012-09-05 11:55 PM
35
cve
cve

CVE-2012-3358

Multiple heap-based buffer overflows in the j2k_read_sot function in j2k.c in OpenJPEG 1.5 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted (1) tile number or (2) tile length in a JPEG 2000 image...

7.6AI Score

0.098EPSS

2012-07-18 11:55 PM
52
cve
cve

CVE-2009-5030

The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile information in a Gray16 TIFF image, which causes insufficient memory to be allocated and leads to an...

7.4AI Score

0.045EPSS

2012-07-18 10:55 PM
39
cve
cve

CVE-2012-1499

The JPEG 2000 codec (jp2.c) in OpenJPEG before 1.5 allows remote attackers to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, aka "out-of heap-based buffer...

7.5AI Score

0.067EPSS

2012-04-11 10:39 AM
20
Total number of security vulnerabilities77