CVE-2016-9117 — NULL Pointer Dereference in Openjpeg

CWE-476 — NULL Pointer Dereference10 documents7 sources

Severity

6.5MEDIUMNVD

EPSS

0.6%

top 31.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Uclouvain Openjpeg

Timeline

PublishedOct 30

Latest updateMay 13

Description

NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2.1.2. Impact is Denial of Service. Someone must open a crafted j2k file.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages1 packages

▶NVDuclouvain/openjpeg2.1.2

🔴Vulnerability Details

GHSA

GHSA-vvj2-x9vm-r47f: NULL Pointer Access in function imagetopnm of convert↗2022-05-13

▶

OSV

CVE-2016-9117: NULL Pointer Access in function imagetopnm of convert↗2016-10-30

▶

CVEList

CVE-2016-9117: NULL Pointer Access in function imagetopnm of convert↗2016-10-30

▶

📋Vendor Advisories

Red Hat

openjpeg2: Multiple security issues↗2016-10-27

▶

Debian

CVE-2016-9117: openjpeg2 - NULL Pointer Access in function imagetopnm of convert.c(jp2):1289 in OpenJPEG 2....↗2016

▶

💬Community

Bugzilla

CVE-2016-9112 CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues [fedora-all]↗2016-10-31

▶

Bugzilla

CVE-2016-9112 CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 mingw-openjpeg2: openjpeg2: Multiple security issues [fedora-all]↗2016-10-31

▶

Bugzilla

CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues↗2016-10-31

▶

Bugzilla

CVE-2016-8332 CVE-2016-9112 CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: various flaws [epel-all]↗2016-10-03

▶