pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, does not validate a certain precision value, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via a crafted JPEG 2000 image in a PDF document, related to the opj_pi_next_rpcl, opj_pi_next_pcrl, and opj_pi_next_cprl functions.

Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression / decompression library, may result in denial of service or the execution of arbitrary code if a malformed JPEG 2000 file is processed.

The remote host is affected by the vulnerability described in GLSA-201710-26 (OpenJPEG: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in OpenJPEG. Please review       the references below for details.
  Impact :

    A remote attacker, via a crafted BMP, PDF, or j2k document, could       execute arbitrary code, cause a Denial of Service condition, or have       other unspecified impacts.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-201603-09 (Chromium: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in the Chromium web       browser. Please review the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could possibly execute arbitrary code with the       privileges of the process, cause a Denial of Service condition, obtain       sensitive information, or bypass security restrictions.
  Workaround :

    There is no known workaround at this time.

Several vulnerabilities have been discovered in the chromium web browser.

  - CVE-2016-1622     It was discovered that a maliciously crafted extension     could bypass the Same Origin Policy.

  - CVE-2016-1623     Mariusz Mlynski discovered a way to bypass the Same     Origin Policy.

  - CVE-2016-1624     lukezli discovered a buffer overflow issue in the Brotli     library.

  - CVE-2016-1625     Jann Horn discovered a way to cause the Chrome Instant     feature to navigate to unintended destinations.

  - CVE-2016-1626     An out-of-bounds read issue was discovered in the     openjpeg library.

  - CVE-2016-1627     It was discovered that the Developer Tools did not     validate URLs.

  - CVE-2016-1628     An out-of-bounds read issue was discovered in the pdfium     library.

  - CVE-2016-1629     A way to bypass the Same Origin Policy was discovered in     Blink/WebKit, along with a way to escape the chromium     sandbox.

Updated chromium-browser packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6 Supplementary.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Chromium is an open source web browser, powered by WebKit (Blink).

Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim. (CVE-2016-1622, CVE-2016-1623, CVE-2016-1624, CVE-2016-1625, CVE-2016-1626, CVE-2016-1627)

All Chromium users should upgrade to these updated packages, which contain Chromium version 48.0.2564.109, which corrects these issues.
After installing the update, Chromium must be restarted for the changes to take effect.

ID	Name	Product	Family	Severity
104339	Debian DSA-4013-1 : openjpeg2 - security update	Nessus	Debian Local Security Checks	high
104069	GLSA-201710-26 : OpenJPEG: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
89902	GLSA-201603-09 : Chromium: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
88869	Debian DSA-3486-1 : chromium-browser - security update	Nessus	Debian Local Security Checks	critical
88794	RHEL 6 : chromium-browser (RHSA-2016:0241)	Nessus	Red Hat Local Security Checks	high

Detections

Analytics

CVE-2016-1628

medium

Tenable Plugins

high

high

critical

critical

high