CVE-2016-4797Divide By Zero in Openjpeg

CWE-369Divide By Zero10 documents7 sources
Severity
5.5MEDIUMNVD
CNA5.0OSV5.0
EPSS
0.3%
top 48.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
THE Openjpeg Project Openjpeg2Uclouvain OpenjpegFedoraproject Fedora
Timeline
PublishedFeb 3
Latest updateMay 13

Description

Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (application crash) via a crafted jp2 file. NOTE: this issue exists because of an incorrect fix for CVE-2014-7947.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

Debianthe_openjpeg_project/openjpeg2< 2.1.1-1+3

Also affects: Fedora 23, 24

Patches

Patch: www.openwall.comPatch: bugzilla.redhat.comPatch: github.com

🔴Vulnerability Details

3
GHSA
GHSA-g3qh-h448-hf99: Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd2022-05-13
CVEList
CVE-2016-4797: Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd2017-02-03
OSV
CVE-2016-4797: Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd2017-02-03

📋Vendor Advisories

2
Red Hat
openjpeg: Division-by-zero in function opj_tcd_init_tile in tcd.c2016-03-28
Debian
CVE-2016-4797: openjpeg2 - Divide-by-zero vulnerability in the opj_tcd_init_tile function in tcd.c in OpenJ...2016

💬Community

4
Bugzilla
CVE-2016-4796 CVE-2016-4797 mingw-openjpeg2: various flaws [fedora-all]2016-05-12
Bugzilla
CVE-2016-4796 CVE-2016-4797 openjpeg2: various flaws [epel-all]2016-05-12
Bugzilla
CVE-2016-4797 openjpeg: Division-by-zero in function opj_tcd_init_tile in tcd.c2016-05-12
Bugzilla
CVE-2016-4796 CVE-2016-4797 openjpeg2: various flaws [fedora-all]2016-05-12
CVE-2016-4797 — Divide By Zero in Uclouvain Openjpeg | cvebase