Heap-based buffer overflow in the opjj2kupdateimagedata function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "2.1.2-1.1+deb9u2build0.1", "binary_name": "libopenjp2-7" }, { "binary_version": "2.1.2-1.1+deb9u2build0.1", "binary_name": "libopenjp2-7-dev" }, { "binary_version": "2.1.2-1.1+deb9u2build0.1", "binary_name": "libopenjp2-tools" }, { "binary_version": "2.1.2-1.1+deb9u2build0.1", "binary_name": "libopenjp3d-tools" }, { "binary_version": "2.1.2-1.1+deb9u2build0.1", "binary_name": "libopenjp3d7" }, { "binary_version": "2.1.2-1.1+deb9u2build0.1", "binary_name": "libopenjpip-dec-server" }, { "binary_version": "2.1.2-1.1+deb9u2build0.1", "binary_name": "libopenjpip-server" }, { "binary_version": "2.1.2-1.1+deb9u2build0.1", "binary_name": "libopenjpip-viewer" }, { "binary_version": "2.1.2-1.1+deb9u2build0.1", "binary_name": "libopenjpip7" } ] }