Heap Buffer Overflow in OpenJPEG Affects Multiple Systems
CVE-2016-9581

3.3LOW

Key Information:

Vendor

The Openjpeg Project

Status
Openjpeg2
Vendor
CVE Published:
1 August 2018

What is CVE-2016-9581?

The Infinite loop vulnerability found in the tiftoimage component of OpenJPEG version 2.1.2 can lead to a heap buffer overflow in the convert_32s_C1P1 function. This may result in unintended application behaviors and can be exploited, posing risks to applications utilizing this library. For more information, refer to relevant advisory and commit links detailing this issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

openjpeg2 2.1.2

References

https://github.com/uclouvain/openjpeg/issues/872
x_refsource_CONFIRM
https://security.gentoo.org/glsa/201710-26
vendor-advisoryx_refsource_GENTOO
http://www.securityfocus.com/bid/94822
vdb-entryx_refsource_BID

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.