vulnerability
FreeBSD: VID-b7d56d0b-7a11-11e6-af78-589cfc0654e1 (CVE-2016-7163): openjpeg -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:P/I:P/A:P) | Oct 11, 2016 | Nov 14, 2016 | Dec 10, 2025 |
Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
Oct 11, 2016
Added
Nov 14, 2016
Modified
Dec 10, 2025
Description
Tencent's Xuanwu LAB reports: A Heap Buffer Overflow (Out-of-Bounds Write) issue was found in function opj_dwt_interleave_v of dwt.c. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OpenJPEG. An integer overflow issue exists in function opj_pi_create_decode of pi.c. It can lead to Out-Of-Bounds Read and Out-Of-Bounds Write in function opj_pi_next_cprl of pi.c (function opj_pi_next_lrcp, opj_pi_next_rlcp, opj_pi_next_rpcl, opj_pi_next_pcrl may also be vulnerable). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OpenJPEG.
Solution
freebsd-upgrade-package-openjpeg
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.