20 matches found
MiracleLinux 4 : openjpeg-1.3-8.AXS4 (AXSA:2012-758:01)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2012-758:01 advisory. OpenJPEG is an open-source JPEG 2000 codec written in C language. It has been developed in order to promote the use of JPEG 2000, the new still-image...
EUVD-2016-3297
Malware in sbrugna...
EUVD-2016-6110
Malware in sbrugna...
RHEL 7 : netpbm (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jasper: integer overflows leading to out of bounds read in packet iterators in JPC decoder CVE-2016-9583 ...
SUSE CVE-2015-5221
Use-after-free vulnerability in the mifprocesscmpt function in libjasper/mif/mifcod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service crash via a crafted JPEG 2000 image file...
CVE-2021-46584
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
PT-2020-12478 · Pillow +2 · Pillow +2
Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 7.1.0 Description: The issue is related to multiple out-of-bounds reads that can occur via a crafted JP2 file in the libImaging/Jpeg2KDecode.c module. Recommendations: For Pillow versions prior to 7.1.0, update to...
exiv2: Excessive memory allocation in Exiv2::Jp2Image::readMetadata function in jp2image.cpp
The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service excessive memory allocation via a crafted file...
DEBIAN-CVE-2016-9573
An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in the j2ktoimage tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap...
UBUNTU-CVE-2016-5158
Multiple integer overflows in the opjtcdinittile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified...
UBUNTU-CVE-2016-5157
Heap-based buffer overflow in the opjdwtinterleavev function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute arbitrary code via crafted coordinate values in JPEG 2000 data...
DEBIAN-CVE-2016-5139
Multiple integer overflows in the opjtcdinittile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allow remote attackers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted JPEG 2000 data...
CVE-2016-5140
Heap-based buffer overflow in the opjj2kreadSQcdSQcc function in j2k.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JPEG 2000 data...
OpenJPEG 'opj_tcd_init_tile' Function Denial of Service Vulnerability
OpenJPEG is a C-based open source JPEG 2000 codec . A security vulnerability in the opjtcdinittile function of OpenJPEG allows remote attackers to construct specially crafted JPEG 2000 images for denial of service attacks...
CVE-2016-1645
CVE-2016-1645 is an out-of-bounds write issue in the pdfium library derived from OpenJPEG’s opj_j2k_update_image_data, used by Google Chrome’s PDF rendering path. Multiple connected advisories confirm the vulnerability in Chrome before 49.0.2623.87 and link it to a vulnerability class described a...
CVE-2016-1924
The opjtgtreset function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG 2000 image...
Memory corruption
Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service memory corruption via crafted JPEG 2000...
FreeBSD : ffmpeg -- multiple vulnerabilities (4bae544d-06a3-4352-938c-b3bcbca89298)
NVD reports : The ffdwtdecode function in libavcodec/jpeg2000dwt.c in FFmpeg before 2.8.4 does not validate the number of decomposition levels before proceeding with Discrete Wavelet Transform decoding, which allows remote attackers to cause a denial of service out-of-bounds array access or...
CVE-2015-6776
Removed by vendor...
PT-2012-1163 · Openjpeg +2 · Openjpeg +2
Name of the Vulnerable Software and Affected Versions: OpenJPEG versions prior to 1.5.1 Description: The issue is related to multiple heap-based buffer overflows in the j2k read sot function, which can be triggered by a crafted JPEG 2000 image file. This can cause a denial of service, leading to ...