CVE-2016-5159

Published: 11/09/2016 | Updated: 07/11/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome prior to 53.0.2785.89 on Windows and OS X and prior to 53.0.2785.92 on Linux, allow remote malicious users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during opj_aligned_malloc calls in dwt.c and t1.c.

Vulnerable Product

opensuse leap 42.1

google chrome

Vendor Advisories

Synopsis: Moderate: openjpeg security update. Type/Severity: Security Advisory: Moderate. Topic: An update for openjpeg is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, ...
Synopsis: Moderate: openjpeg security update. Type/Severity: Security Advisory: Moderate. Topic: An update for openjpeg is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, ...
Several vulnerabilities have been discovered in the chromium web browser. CVE-2016-5147: A cross-site scripting issue was discovered. CVE-2016-5148: Another cross-site scripting issue was discovered. CVE-2016-5149: Max Justicz discovered a script injection issue in extension handling. CVE-2016-5150: A use-after-free issue was discovere ...
Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression / decompression library, may result in denial of service or the execution of arbitrary code if a malformed JPEG 2000 file is processed. For the stable distribution (jessie), these problems have been fixed in version 210-2+deb8u2. For the unstable distribution (sid), these problem ...
Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code (CVE-2016-5139, CVE-2016-5158, CVE-2016-5159, CVE-2016-7163). A vulnerability was found in the patch for CVE-2013-6045 for Open ...
An integer overflow, leading to a heap buffer overflow, was found in openjpeg, also affecting the PDF viewer in Chromium. A specially crafted JPEG2000 image could cause an incorrect calculation when allocating memory for code blocks, which could lead to a crash, or potentially, code execution ...

Github Repositories

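Some small scripts; tools.sign: Tools check-in script; YAPI remote code execution

Everyday scripts, collection being updated... Baidu_OCR: Baidu OCR recognition API interface; baacloud_singn: VPN check-in to claim data allowance; linux_sec_check: Linux security check shell script; rad_xray: automatic linkage of xray and rad; redis_nopassword: Redis unauthorized-access detection and public key writing; toolssign: Tools check-in script. Red team, information gathering, penetration tools: githubcom/lz520520/railgun Scanning tool Goby: githubcom/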