Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.3
CVSSv3

CVE-2016-1628

Published: 21/02/2016 Updated: 07/11/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.3 | Impact Score: 3.4 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Google

Vulnerability Summary

pi.c in OpenJPEG, as used in PDFium in Google Chrome prior to 48.0.2564.109, does not validate a certain precision value, which allows remote malicious users to execute arbitrary code or cause a denial of service (out-of-bounds read) via a crafted JPEG 2000 image in a PDF document, related to the opj_pi_next_rpcl, opj_pi_next_pcrl, and opj_pi_next_cprl functions.

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome

debian debian linux 8.0

Vendor Advisories

Debian Security Advisories: DSA-3486-1 chromium-browser -- security update
Several vulnerabilities have been discovered in the chromium web browser CVE-2016-1622 It was discovered that a maliciously crafted extension could bypass the Same Origin Policy CVE-2016-1623 Mariusz Mlynski discovered a way to bypass the Same Origin Policy CVE-2016-1624 lukezli discovered a buffer overflow issue in the Brotli l ...
Debian Security Advisories: DSA-4013-1 openjpeg2 -- security update
Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression / decompression library, may result in denial of service or the execution of arbitrary code if a malformed JPEG 2000 file is processed For the oldstable distribution (jessie), these problems have been fixed in version 210-2+deb8u3 For the stable distribution (stretch), these pr ...
Red Hat: CVE-2016-1628
pic in OpenJPEG, as used in PDFium in Google Chrome before 4802564109, does not validate a certain precision value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a crafted JPEG 2000 image in a PDF document, related to the opj_pi_next_rpcl, opj_pi_next_pcrl, and opj_pi_next_cprl fun ...

References

CWE-119https://code.google.com/p/chromium/issues/detail?id=571479http://www.securityfocus.com/bid/83125https://security.gentoo.org/glsa/201710-26http://www.securitytracker.com/id/1035183http://www.debian.org/security/2017/dsa-4013http://googlechromereleases.blogspot.com/2016/02/stable-channel-update_9.htmlhttps://security.gentoo.org/glsa/201603-09http://www.zerodayinitiative.com/advisories/ZDI-16-172/http://www.debian.org/security/2016/dsa-3486https://codereview.chromium.org/1590593002http://rhn.redhat.com/errata/RHSA-2016-0241.htmlhttps://nvd.nist.govhttps://www.debian.org/security/./dsa-3486
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firmwareCVE-2023-52866CVE-2024-4367CVE-2024-1721CVE-2023-34992XML injectionCVE-2023-52817SQLCVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook