CVE-2016-9118

Source
Severity High
Remote Yes
Type Arbitrary code execution
Description
A heap buffer overflow (WRITE of size 4) has been discovered in the pnmtoimage function of convert.c:1719 in OpenJPEG 2.1.2. An attacker could create a malicious file that, when processed, could cause a crash or potentially code execution.
Group Package Affected Fixed Severity Status Ticket
AVG-54 openjpeg2 2.1.2-2 2.2.0-1 High Fixed FS#54860
References
https://github.com/uclouvain/openjpeg/issues/861
https://github.com/uclouvain/openjpeg/commit/c22cbd8bdf8ff2ae372f94391a4be2d322b36b41