Published: 11/09/2016 Updated: 07/11/2023

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome prior to 53.0.2785.89 on Windows and OS X and prior to 53.0.2785.92 on Linux, allow remote malicious users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data.

Vulnerable Product	Search on Vulmon	Subscribe to Product
opensuse leap 42.1
google chrome

Synopsis Moderate: openjpeg security update Type/Severity Security Advisory: Moderate Topic An update for openjpeg is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, ...

Synopsis Moderate: openjpeg security update Type/Severity Security Advisory: Moderate Topic An update for openjpeg is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS) base score, ...

Several vulnerabilities have been discovered in the chromium web browser CVE-2016-5147 A cross-site scripting issue was discovered CVE-2016-5148 Another cross-site scripting issue was discovered CVE-2016-5149 Max Justicz discovered a script injection issue in extension handling CVE-2016-5150 A use-after-free issue was discovere ...

Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code (CVE-2016-5139, CVE-2016-5158, CVE-2016-5159, CVE-2016-7163) A vulnerability was found in the patch for CVE-2013-6045 for Open ...

An integer overflow, leading to a heap buffer overflow, was found in openjpeg, also affecting the PDF viewer in Chromium A specially crafted JPEG2000 image could cause incorrect calculations when allocating various data structures, which could lead to a crash, or potentially, code execution ...

CWE-190 http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00003.html https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00004.html http://www.securityfocus.com/bid/92717 http://www.securitytracker.com/id/1036729 http://rhn.redhat.com/errata/RHSA-2017-0559.html http://rhn.redhat.com/errata/RHSA-2017-0838.html https://pdfium.googlesource.com/pdfium.git/+/ff74356915d4c7f7c6eb16de1e9f403da4ecb6d5 http://lists.opensuse.org/opensuse-updates/2016-09/msg00073.html https://crbug.com/628890 http://www.debian.org/security/2016/dsa-3660 https://security.gentoo.org/glsa/201610-09 http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00008.html http://rhn.redhat.com/errata/RHSA-2016-1854.html https://access.redhat.com/errata/RHSA-2017:0559 https://nvd.nist.gov https://www.debian.org/security/./dsa-3660

CVE-2016-5158

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect