Filtered by vendor Uclouvain Subscriptions
Filtered by product Openjpeg Subscriptions
Total 77 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2016-9573 3 Debian, Redhat, Uclouvain 8 Debian Linux, Enterprise Linux, Enterprise Linux Desktop and 5 more 2024-11-21 N/A
An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap.
CVE-2016-9572 2 Debian, Uclouvain 2 Debian Linux, Openjpeg 2024-11-21 N/A
A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image.
CVE-2016-9118 1 Uclouvain 1 Openjpeg 2024-11-21 N/A
Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2.
CVE-2016-9117 1 Uclouvain 1 Openjpeg 2024-11-21 N/A
NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
CVE-2016-9116 1 Uclouvain 1 Openjpeg 2024-11-21 N/A
NULL Pointer Access in function imagetopnm of convert.c:2226(jp2) in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
CVE-2016-9115 1 Uclouvain 1 Openjpeg 2024-11-21 N/A
Heap Buffer Over-read in function imagetotga of convert.c(jp2):942 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.
CVE-2016-9114 1 Uclouvain 1 Openjpeg 2024-11-21 N/A
There is a NULL Pointer Access in function imagetopnm of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after initialization(NULL). Impact is Denial of Service.
CVE-2016-9113 1 Uclouvain 1 Openjpeg 2024-11-21 N/A
There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service.
CVE-2016-9112 1 Uclouvain 1 Openjpeg 2024-11-21 N/A
Floating Point Exception (aka FPE or divide by zero) in opj_pi_next_cprl function in openjp2/pi.c:523 in OpenJPEG 2.1.2.
CVE-2016-8332 1 Uclouvain 1 Openjpeg 2024-11-21 N/A
A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. An exploitable code execution vulnerability exists in the jpeg2000 image file format parser as implemented in the OpenJpeg library. A specially crafted jpeg2000 file can cause an out of bound heap write resulting in heap corruption leading to arbitrary code execution. For a successful attack, the target user needs to open a malicious jpeg2000 file. The jpeg2000 image file format is mostly used for embedding images inside PDF documents and the OpenJpeg library is used by a number of popular PDF renderers making PDF documents a likely attack vector.
CVE-2016-7445 2 Opensuse, Uclouvain 2 Leap, Openjpeg 2024-11-21 N/A
convert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving the variable s.
CVE-2016-7163 4 Debian, Fedoraproject, Redhat and 1 more 10 Debian Linux, Fedora, Enterprise Linux and 7 more 2024-11-21 7.8 High
Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.
CVE-2016-4797 2 Fedoraproject, Uclouvain 2 Fedora, Openjpeg 2024-11-21 N/A
Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE: this issue exists because of an incorrect fix for CVE-2014-7947.
CVE-2016-4796 2 Fedoraproject, Uclouvain 2 Fedora, Openjpeg 2024-11-21 N/A
Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file.
CVE-2016-3183 1 Uclouvain 1 Openjpeg 2024-11-21 N/A
The sycc422_t_rgb function in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted jpeg2000 file.
CVE-2016-3182 1 Uclouvain 1 Openjpeg 2024-11-21 5.5 Medium
The color_esycc_to_rgb function in bin/common/color.c in OpenJPEG before 2.1.1 allows attackers to cause a denial of service (memory corruption) via a crafted jpeg 2000 file.
CVE-2016-1924 1 Uclouvain 1 Openjpeg 2024-11-21 N/A
The opj_tgt_reset function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
CVE-2016-1923 1 Uclouvain 1 Openjpeg 2024-11-21 N/A
Heap-based buffer overflow in the opj_j2k_update_image_data function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
CVE-2016-10507 1 Uclouvain 1 Openjpeg 2024-11-21 N/A
Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted bmp file.
CVE-2016-10506 1 Uclouvain 1 Openjpeg 2024-11-21 N/A
Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.