CVE-2016-9581 - An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P

CVE-2016-9581

Summary

An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert_32s_C1P1 was found in openjpeg 2.1.2.

References

Vulnerable Configurations

cpe:2.3:a:uclouvain:openjpeg:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:uclouvain:openjpeg:2.1.2:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bid	94822
confirm	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9581 https://github.com/szukw000/openjpeg/commit/cadff5fb6e73398de26a92e96d3d7cac893af255 https://github.com/uclouvain/openjpeg/issues/872
gentoo	GLSA-201710-26

Last major update

12-02-2023 - 23:27

Published

01-08-2018 - 14:29

Last modified

12-02-2023 - 23:27