logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2016-10505

Description

NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files. #### Notes Author| Note ---|--- [emitorino](<https://launchpad.net/~emitorino>) | Run the PoCs attached to the 4 issues in xenial and could not reproduce it


Affected Package


OS OS Version Package Name Package Version
ubuntu upstream openjpeg 2.2.0
ubuntu upstream openjpeg2 2.2.0

Related