Sign In

CVE-2016-10505

ADVISORY - nist

Summary

NULL pointer dereference vulnerabilities in the imagetopnm function in convert.c, sycc444_to_rgb function in color.c, color_esycc_to_rgb function in color.c, and sycc422_to_rgb function in color.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.

EPSS Score: 0.00581 (0.785)

Common Weakness Enumeration (CWE)

ADVISORY - nist

CWE-476

NULL Pointer Dereference

ADVISORY - redhat

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Impacted images

Advisories

NIST

CREATED

UPDATED

ADVISORY IDCVE-2016-10505
EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-476

CVSS SCORE

6.5medium

Debian

CREATED

UPDATED

ADVISORY IDCVE-2016-10505
EXPLOITABILITY SCORE

-

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Ubuntu

CREATED

UPDATED

ADVISORY IDCVE-2016-10505
EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.5medium

Red Hat

CREATED

UPDATED

ADVISORY IDCVE-2016-10505
EXPLOITABILITY SCORE

1.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CWE-119

CVSS SCORE

3.3low

SUSE

CREATED

UPDATED

ADVISORY IDCVE-2016-10505
EXPLOITABILITY SCORE

2.8

EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

6.5medium