CVE-2016-9113

Source
Severity Medium
Remote Yes
Type Denial of service
Description
There is a NULL pointer dereference in the imagetobmp function of convertbmp.c:980 of OpenJPEG 2.1.2. image->comps[0].data is not assigned a value after initialization(NULL) which is leading to an application crash.
Group Package Affected Fixed Severity Status Ticket
AVG-54 openjpeg2 2.1.2-2 2.2.0-1 High Fixed FS#54860
References
https://github.com/uclouvain/openjpeg/issues/856