Filtered by vendor Uclouvain Subscriptions
Total 77 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-5030 2 Redhat, Uclouvain 2 Enterprise Linux, Openjpeg 2024-08-07 N/A
The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile information in a Gray16 TIFF image, which causes insufficient memory to be allocated and leads to an "invalid free."
CVE-2012-3535 2 Redhat, Uclouvain 2 Enterprise Linux, Openjpeg 2024-08-06 N/A
Heap-based buffer overflow in OpenJPEG 1.5.0 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted JPEG2000 file.
CVE-2012-3358 2 Redhat, Uclouvain 2 Enterprise Linux, Openjpeg 2024-08-06 N/A
Multiple heap-based buffer overflows in the j2k_read_sot function in j2k.c in OpenJPEG 1.5 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted (1) tile number or (2) tile length in a JPEG 2000 image file.
CVE-2012-1499 1 Uclouvain 1 Openjpeg 2024-08-06 N/A
The JPEG 2000 codec (jp2.c) in OpenJPEG before 1.5 allows remote attackers to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, aka "out-of heap-based buffer write."
CVE-2013-6887 1 Uclouvain 1 Openjpeg 2024-08-06 N/A
OpenJPEG 1.5.1 allows remote attackers to cause a denial of service via unspecified vectors that trigger NULL pointer dereferences, division-by-zero, and other errors.
CVE-2013-6052 2 Redhat, Uclouvain 2 Enterprise Linux, Openjpeg 2024-08-06 N/A
OpenJPEG 1.3 and earlier allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds read.
CVE-2013-6054 2 Redhat, Uclouvain 2 Enterprise Linux, Openjpeg 2024-08-06 N/A
Heap-based buffer overflow in OpenJPEG 1.3 has unspecified impact and remote vectors, a different vulnerability than CVE-2013-6045.
CVE-2013-6045 2 Redhat, Uclouvain 2 Enterprise Linux, Openjpeg 2024-08-06 N/A
Multiple heap-based buffer overflows in OpenJPEG 1.3 and earlier might allow remote attackers to execute arbitrary code via unspecified vectors.
CVE-2013-6053 1 Uclouvain 1 Openjpeg 2024-08-06 N/A
OpenJPEG 1.5.1 allows remote attackers to obtain sensitive information via unspecified vectors that trigger a heap-based out-of-bounds read.
CVE-2013-4290 1 Uclouvain 1 Openjpeg 2024-08-06 N/A
Stack-based buffer overflow in OpenJPEG before 1.5.2 allows remote attackers to have unspecified impact via unknown vectors to (1) lib/openjp3d/opj_jp3d_compress.c, (2) bin/jp3d/convert.c, or (3) lib/openjp3d/event.c.
CVE-2013-4289 1 Uclouvain 1 Openjpeg 2024-08-06 N/A
Multiple integer overflows in lib/openjp3d/jp3d.c in OpenJPEG before 1.5.2 allow remote attackers to have unspecified impact and vectors, which trigger a heap-based buffer overflow.
CVE-2013-1447 2 Redhat, Uclouvain 2 Enterprise Linux, Openjpeg 2024-08-06 N/A
OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of service (memory consumption or crash) via unspecified vectors related to NULL pointer dereferences, division-by-zero, and other errors.
CVE-2014-0158 2 Opensuse, Uclouvain 2 Opensuse, Openjpeg 2024-08-06 N/A
Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file because of incorrect j2k_decode, j2k_read_eoc, and tcd_decode_tile interaction, a related issue to CVE-2013-6045. NOTE: this is not a duplicate of CVE-2013-1447, because the scope of CVE-2013-1447 was specifically defined in http://openwall.com/lists/oss-security/2013/12/04/6 as only "null pointer dereferences, division by zero, and anything that would just fit as DoS."
CVE-2015-8871 2 Debian, Uclouvain 2 Debian Linux, Openjpeg 2024-08-06 N/A
Use-after-free vulnerability in the opj_j2k_write_mco function in j2k.c in OpenJPEG before 2.1.1 allows remote attackers to have unspecified impact via unknown vectors.
CVE-2015-1239 3 Debian, Google, Uclouvain 4 Debian Linux, Chrome, Pdfium and 1 more 2024-08-06 6.5 Medium
Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF.
CVE-2016-10504 1 Uclouvain 1 Openjpeg 2024-08-06 N/A
Heap-based buffer overflow vulnerability in the opj_mqc_byteout function in mqc.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (application crash) via a crafted bmp file.
CVE-2016-10505 1 Uclouvain 1 Openjpeg 2024-08-06 N/A
NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.
CVE-2016-10506 1 Uclouvain 1 Openjpeg 2024-08-06 N/A
Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.
CVE-2016-10507 1 Uclouvain 1 Openjpeg 2024-08-06 N/A
Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted bmp file.
CVE-2016-9675 2 Redhat, Uclouvain 5 Enterprise Linux, Enterprise Linux For Ibm Z Systems, Enterprise Linux For Power Big Endian and 2 more 2024-08-06 7.8 High
openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code.