CVE-2016-9118Improper Restriction of Operations within the Bounds of a Memory Buffer in Openjpeg

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer10 documents7 sources
Severity
5.3MEDIUMNVD
EPSS
0.5%
top 32.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
THE Openjpeg Project Openjpeg2Uclouvain Openjpeg
Timeline
PublishedOct 30
Latest updateMay 13

Description

Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 in OpenJPEG 2.1.2.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

Debianthe_openjpeg_project/openjpeg2< 2.1.2-1.2+3

🔴Vulnerability Details

3
GHSA
GHSA-f6c7-9x7r-9r3f: Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert2022-05-13
CVEList
CVE-2016-9118: Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert2016-10-30
OSV
CVE-2016-9118: Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert2016-10-30

📋Vendor Advisories

2
Red Hat
openjpeg2: Multiple security issues2016-10-27
Debian
CVE-2016-9118: openjpeg2 - Heap Buffer Overflow (WRITE of size 4) in function pnmtoimage of convert.c:1719 ...2016

💬Community

4
Bugzilla
CVE-2016-9112 CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues [fedora-all]2016-10-31
Bugzilla
CVE-2016-9112 CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 mingw-openjpeg2: openjpeg2: Multiple security issues [fedora-all]2016-10-31
Bugzilla
CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: Multiple security issues2016-10-31
Bugzilla
CVE-2016-8332 CVE-2016-9112 CVE-2016-9113 CVE-2016-9114 CVE-2016-9115 CVE-2016-9116 CVE-2016-9117 CVE-2016-9118 openjpeg2: various flaws [epel-all]2016-10-03
CVE-2016-9118 — Uclouvain Openjpeg vulnerability | cvebase