← back
CVE-2016-10506

CVE-2016-10506

EPSS 3.5%
Division-by-zero vulnerabilities in the functions opj_pi_next_cprl, opj_pi_next_pcrl, and opj_pi_next_rpcl in pi.c in OpenJPEG before 2.2.0 allow remote attackers to cause a denial of service (application crash) via crafted j2k files.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/uclouvain/openjpeg/commit/d27ccf01c68a31ad62b33d2dc1ba2bb1eeaafe7bhttps://github.com/uclouvain/openjpeg/issues/731https://github.com/uclouvain/openjpeg/issues/732https://github.com/uclouvain/openjpeg/issues/777https://github.com/uclouvain/openjpeg/issues/778https://github.com/uclouvain/openjpeg/issues/779https://github.com/uclouvain/openjpeg/issues/780https://security.gentoo.org/glsa/201710-26http://www.securityfocus.com/bid/100573