AVG-54 log

Package openjpeg2
Status Fixed
Severity High
Type multiple issues
Affected 2.1.2-2
Fixed 2.2.0-1
Current 2.3.1-1 [extra]
Ticket FS#54860
Created Mon Oct 31 17:18:30 2016
Issue Severity Remote Type Description
CVE-2016-9118 High Yes Arbitrary code execution
A heap buffer overflow (WRITE of size 4) has been discovered in the pnmtoimage function of convert.c:1719 in OpenJPEG 2.1.2. An attacker could create a...
CVE-2016-9117 Medium Yes Denial of service
A NULL pointer access has been discovered in the  imagetopnm function of convert.c(jp2):1289 in OpenJPEG 2.1.2. Opening a crafted j2k file leads to an...
CVE-2016-9116 Medium Yes Denial of service
A NULL pointer access has been discovered in the  imagetopnm function of convert.c:2226(jp2) in OpenJPEG 2.1.2. Opening a crafted j2k file leads to an...
CVE-2016-9115 Medium Yes Denial of service
A heap buffer over-read has been discovered in the imagetotga function of convert.c(jp2):942 in OpenJPEG 2.1.2. Opening a specially crafted j2k file is...
CVE-2016-9114 Medium Yes Denial of service
There is a NULL pointer access in the  imagetopnm function of convert.c:1943(jp2) of OpenJPEG 2.1.2. image->comps[compno].data is not assigned a value after...
CVE-2016-9113 Medium Yes Denial of service
There is a NULL pointer dereference in the imagetobmp function of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after...