Heap-based buffer overflow vulnerability in the opjmqcbyteout function in mqc.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (application crash) via a crafted bmp file.
{ "vanir_signatures": [ { "source": "https://github.com/uclouvain/openjpeg/commit/397f62c0a838e15d667ef50e27d5d011d2c79c04", "deprecated": false, "signature_version": "v1", "id": "CVE-2016-10504-64d69c19", "digest": { "function_hash": "173573818782671721813576327712645587033", "length": 477.0 }, "signature_type": "Function", "target": { "file": "src/lib/openjp2/tcd.c", "function": "opj_tcd_code_block_enc_allocate_data" } }, { "source": "https://github.com/uclouvain/openjpeg/commit/397f62c0a838e15d667ef50e27d5d011d2c79c04", "deprecated": false, "signature_version": "v1", "id": "CVE-2016-10504-ab7fcd5f", "digest": { "line_hashes": [ "84287188712089355687759545531450893603", "177311097550808870559618388162182863081", "334731653267446734227190207039040309428", "71253646569722539028308263770500150912", "229560804484841681537562014431883906713" ], "threshold": 0.9 }, "signature_type": "Line", "target": { "file": "src/lib/openjp2/tcd.c" } } ] }