CVE-2016-4796

Published: Feb 3, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

FEDORA-2016-14d8f9b4ed

vendor-advisory

x_refsource_FEDORA

FEDORA-2016-abdc548f46

vendor-advisory

x_refsource_FEDORA

FEDORA-2016-8fa7ced365

vendor-advisory

x_refsource_FEDORA

FEDORA-2016-d2ab705e4a

vendor-advisory

x_refsource_FEDORA

[oss-security] 20160512 Re: CVE Request - OpenJPEG: Security Fixes

mailing-list

x_refsource_MLIST

https://www.oracle.com/security-alerts/cpujul2020.html

x_refsource_MISC

https://bugzilla.redhat.com/show_bug.cgi?id=1335482

x_refsource_CONFIRM

https://github.com/uclouvain/openjpeg/commit/162f6199c0cd3ec1c6c6dc65e41b2faab92b2d91

x_refsource_CONFIRM

https://github.com/uclouvain/openjpeg/issues/774

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-4796

Description

Affected Products

References