Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2016-5139

Published: 07/08/2016 Updated: 07/11/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.6 | Impact Score: 4.7 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Google

Vulnerability Summary

Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome prior to 52.0.2743.116, allow remote malicious users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

google chrome 52.0.2743.82

Vendor Advisories

Red Hat: Moderate: openjpeg security update
Synopsis Moderate: openjpeg security update Type/Severity Security Advisory: Moderate Topic An update for openjpeg is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, ...
Red Hat: Moderate: openjpeg security update
Synopsis Moderate: openjpeg security update Type/Severity Security Advisory: Moderate Topic An update for openjpeg is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, ...
Amazon Linux AMI: ALAS-2017-807
Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code (CVE-2016-5139, CVE-2016-5158, CVE-2016-5159, CVE-2016-7163) A vulnerability was found in the patch for CVE-2013-6045 for Open ...
Red Hat: CVE-2016-5139
An integer overflow, leading to a heap buffer overflow, was found in openjpeg, also affecting the PDF viewer in Chromium A specially crafted JPEG2000 image could cause an incorrect calculation when allocating precinct data structures, which could lead to a crash, or potentially, code execution ...

References

CWE-119https://lists.debian.org/debian-lts-announce/2018/07/msg00025.htmlhttp://www.securityfocus.com/bid/92276https://crbug.com/625541http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00006.htmlhttp://rhn.redhat.com/errata/RHSA-2016-1580.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0559.htmlhttp://rhn.redhat.com/errata/RHSA-2017-0838.htmlhttp://www.securitytracker.com/id/1036547https://security.gentoo.org/glsa/201610-09https://codereview.chromium.org/2124073003http://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-08/msg00005.htmlhttp://www.debian.org/security/2016/dsa-3645https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KMX62M7UNRLWO4FEQ6YIMPMTKXXJV6A/https://access.redhat.com/errata/RHSA-2017:0559https://nvd.nist.govhttps://alas.aws.amazon.com/ALAS-2017-807.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcodedarbitrary codeCVE-2024-2404CVE-2024-21111CVE-2024-28627CVE-2024-4073information disclosureCVE-2024-32780CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook