vulnerability

CentOS Linux: CVE-2016-5159: Moderate: openjpeg security update (Multiple Advisories)

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

Sep 11, 2016

Added

Mar 20, 2017

Modified

May 25, 2023

Description

Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during opj_aligned_malloc calls in dwt.c and t1.c.

Solutions

centos-upgrade-openjpegcentos-upgrade-openjpeg-debuginfocentos-upgrade-openjpeg-develcentos-upgrade-openjpeg-libs

References

BID-92717
DEBIAN-DSA-3660
DEBIAN-DSA-3768
NVD-CVE-2016-5159
REDHAT-RHSA-2016:1854
REDHAT-RHSA-2017:0559
REDHAT-RHSA-2017:0838

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report