CVE-2016-4796 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Openjpeg

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-228 — Improper Handling of Syntactically Invalid Structure CWE-122 — Heap-based Buffer Overflow CWE-125 — Out-of-bounds Read CWE-77 — Command Injection12 documents8 sources

Severity

5.5MEDIUMNVD

EPSS

0.3%

top 50.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

THE Openjpeg Project Openjpeg2 Uclouvain Openjpeg Fedoraproject Fedora

Timeline

PublishedFeb 3

Latest updateMay 13

Description

Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶Debianthe_openjpeg_project/openjpeg2< 2.1.1-1+3

▶NVDuclouvain/openjpeg2.1.0

Also affects: Fedora 23, 24

Patches

Patch: www.openwall.com ↗Patch: bugzilla.redhat.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-2mcf-r7v5-r97j: Heap-based buffer overflow in the color_cmyk_to_rgb in common/color↗2022-05-13

▶

OSV

CVE-2016-4796: Heap-based buffer overflow in the color_cmyk_to_rgb in common/color↗2017-02-03

▶

CVEList

CVE-2016-4796: Heap-based buffer overflow in the color_cmyk_to_rgb in common/color↗2017-02-03

▶

📋Vendor Advisories

Red Hat

nagios: Command injection via curl in MagpieRSS↗2016-12-13

▶

Red Hat

openjpeg: Heap buffer overflow in function color_cmyk_to_rgb in color.c↗2016-05-06

▶

Debian

CVE-2016-4796: openjpeg2 - Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPE...↗2016

▶

💬Community

HackerOne

CVE-2016-4796 OpenJPEG color_cmyk_to_rgb Out-of-Bounds Read Vulnerability↗2019-11-12

▶

Bugzilla

CVE-2016-4796 CVE-2016-4797 mingw-openjpeg2: various flaws [fedora-all]↗2016-05-12

▶

Bugzilla

CVE-2016-4796 openjpeg: Heap buffer overflow in function color_cmyk_to_rgb in color.c↗2016-05-12

▶

Bugzilla

CVE-2016-4796 CVE-2016-4797 openjpeg2: various flaws [epel-all]↗2016-05-12

▶

Bugzilla

CVE-2016-4796 CVE-2016-4797 openjpeg2: various flaws [fedora-all]↗2016-05-12

▶