Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
UclouvainOpenjpeg

17 matches found

CVE
CVEadded 2017/10/18 5:29 p.m.170 views

CVE-2015-1239

Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF.

6.5CVSS6.3AI score0.00823EPSS
CVE
CVEadded 2017/08/30 10:29 p.m.133 views

CVE-2017-14041

A stack-based buffer overflow was discovered in the pgxtoimage function in bin/jp2/convert.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.

8.8CVSS9.1AI score0.00707EPSS
CVE
CVEadded 2017/12/08 7:29 p.m.132 views

CVE-2017-17480

In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.

9.8CVSS9.8AI score0.02253EPSS
CVE
CVEadded 2017/08/30 10:29 p.m.113 views

CVE-2017-14040

An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability may lead to remote denial of service or possibly unspecified other impact.

8.8CVSS8.6AI score0.00581EPSS
CVE
CVEadded 2017/09/05 4:29 p.m.111 views

CVE-2017-14152

A mishandled zero case was discovered in opj_j2k_set_cinema_parameters in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_write_bytes_LE in lib/openjp2/cio.c and opj_j2k_write_...

8.8CVSS9.1AI score0.01089EPSS
CVE
CVEadded 2017/08/30 10:29 p.m.110 views

CVE-2017-14039

A heap-based buffer overflow was discovered in the opj_t2_encode_packet function in lib/openjp2/t2.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact.

8.8CVSS8.8AI score0.00644EPSS
CVE
CVEadded 2017/12/08 7:29 p.m.105 views

CVE-2017-17479

In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtoimage function in jpwl/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.

9.8CVSS7.9AI score0.05764EPSS
CVE
CVEadded 2017/09/05 4:29 p.m.100 views

CVE-2017-14151

An off-by-one error was discovered in opj_tcd_code_block_enc_allocate_data in lib/openjp2/tcd.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_mqc_flush in lib/openjp2/mqc.c and opj_t1_encode_c...

8.8CVSS9.1AI score0.0091EPSS
CVE
CVEadded 2017/08/21 7:29 a.m.98 views

CVE-2017-12982

The bmp_read_info_header function in bin/jp2/convertbmp.c in OpenJPEG 2.2.0 does not reject headers with a zero biBitCount, which allows remote attackers to cause a denial of service (memory allocation failure) in the opj_image_create function in lib/openjp2/image.c, related to the opj_aligned_allo...

5.5CVSS5.4AI score0.00266EPSS
CVE
CVEadded 2017/09/06 6:29 p.m.79 views

CVE-2017-14164

A size-validation issue was discovered in opj_j2k_write_sot in lib/openjp2/j2k.c in OpenJPEG 2.2.0. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service (heap-based buffer overflow affecting opj_write_bytes_LE in lib/openjp2/cio.c) or possibly remote code exec...

8.8CVSS9.2AI score0.01089EPSS
CVE
CVEadded 2017/02/03 4:59 p.m.78 views

CVE-2016-4797

Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE: this issue exists because of an incorrect fix for CVE-2014-7947.

5.5CVSS5.9AI score0.01575EPSS
CVE
CVEadded 2017/08/30 9:29 a.m.76 views

CVE-2016-10504

Heap-based buffer overflow vulnerability in the opj_mqc_byteout function in mqc.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (application crash) via a crafted bmp file.

6.5CVSS6.3AI score0.06106EPSS
CVE
CVEadded 2017/08/30 9:29 a.m.62 views

CVE-2016-10507

Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted bmp file.

6.5CVSS6.6AI score0.00653EPSS
CVE
CVEadded 2017/08/30 9:29 a.m.61 views

CVE-2016-10506

Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.

6.5CVSS6AI score0.02046EPSS
CVE
CVEadded 2017/02/03 4:59 p.m.59 views

CVE-2016-4796

Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file.

5.5CVSS5.5AI score0.00275EPSS
CVE
CVEadded 2017/02/03 4:59 p.m.58 views

CVE-2016-3183

The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg2000 file.

5.5CVSS5.2AI score0.00129EPSS
CVE
CVEadded 2017/08/30 9:29 a.m.52 views

CVE-2016-10505

NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via c...

6.5CVSS6.8AI score0.00656EPSS