openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially execute arbitrary code.

The remote NewStart CGSL host, running version MAIN 4.05, has openjpeg packages installed that are affected by multiple vulnerabilities:

  - A vulnerability was found in the patch for CVE-2013-6045     for OpenJPEG. A specially crafted JPEG2000 image, when     read by an application using OpenJPEG, could cause heap-     based buffer overflows leading to a crash or possible     code execution. (CVE-2016-9675)

  - An integer overflow, leading to a heap buffer overflow,     was found in OpenJPEG. An attacker could create a     crafted JPEG2000 image that, when loaded by an     application using openjpeg, could lead to a crash or,     potentially, code execution. (CVE-2016-7163)

  - An integer overflow, leading to a heap buffer overflow,     was found in openjpeg, also affecting the PDF viewer in     Chromium. A specially crafted JPEG2000 image could cause     an incorrect calculation when allocating memory for code     blocks, which could lead to a crash, or potentially,     code execution. (CVE-2016-5159)

  - An integer overflow, leading to a heap buffer overflow,     was found in openjpeg, also affecting the PDF viewer in     Chromium. A specially crafted JPEG2000 image could cause     incorrect calculations when allocating various data     structures, which could lead to a crash, or potentially,     code execution. (CVE-2016-5158)

  - An integer overflow, leading to a heap buffer overflow,     was found in openjpeg, also affecting the PDF viewer in     Chromium. A specially crafted JPEG2000 image could cause     an incorrect calculation when allocating precinct data     structures, which could lead to a crash, or potentially,     code execution. (CVE-2016-5139)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

An update for openjpeg is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

OpenJPEG is an open source library for reading and writing image files in JPEG2000 format.

Security Fix(es) :

* Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code. (CVE-2016-5139, CVE-2016-5158, CVE-2016-5159, CVE-2016-7163)

* An out-of-bounds read vulnerability was found in OpenJPEG, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap. (CVE-2016-9573)

* A heap-based buffer overflow vulnerability was found in OpenJPEG. A specially crafted JPEG2000 image, when read by an application using OpenJPEG, could cause the application to crash or, potentially, execute arbitrary code. (CVE-2016-9675)

Red Hat would like to thank Liu Bingchang (IIE) for reporting CVE-2016-9573. The CVE-2016-9675 issue was discovered by Doran Moppert (Red Hat Product Security).

Note that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

An update for openjpeg is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

OpenJPEG is an open source library for reading and writing image files in JPEG2000 format.

Security Fix(es) :

* Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code. (CVE-2016-5139, CVE-2016-5158, CVE-2016-5159, CVE-2016-7163)

* A vulnerability was found in the patch for CVE-2013-6045 for OpenJPEG. A specially crafted JPEG2000 image, when read by an application using OpenJPEG, could cause heap-based buffer overflows leading to a crash or, potentially, arbitrary code execution.
(CVE-2016-9675)

The CVE-2016-9675 issue was discovered by Doran Moppert (Red Hat Product Security).

Note that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

According to the versions of the openjpeg package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :

  - Multiple integer overflow flaws, leading to heap-based     buffer overflows, were found in OpenJPEG. A specially     crafted JPEG2000 image could cause an application using     OpenJPEG to crash or, potentially, execute arbitrary     code. (CVE-2016-5139, CVE-2016-5158, CVE-2016-5159,     CVE-2016-7163)

  - An out-of-bounds read vulnerability was found in     OpenJPEG, in the j2k_to_image tool. Converting a     specially crafted JPEG2000 file to another format could     cause the application to crash or, potentially,     disclose some data from the heap. (CVE-2016-9573)

  - A heap-based buffer overflow vulnerability was found in     OpenJPEG. A specially crafted JPEG2000 image, when read     by an application using OpenJPEG, could cause the     application to crash or, potentially, execute arbitrary     code. (CVE-2016-9675)

Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

An update for openjpeg is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

OpenJPEG is an open source library for reading and writing image files in JPEG2000 format.

Security Fix(es) :

* Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code. (CVE-2016-5139, CVE-2016-5158, CVE-2016-5159, CVE-2016-7163)

* An out-of-bounds read vulnerability was found in OpenJPEG, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap. (CVE-2016-9573)

* A heap-based buffer overflow vulnerability was found in OpenJPEG. A specially crafted JPEG2000 image, when read by an application using OpenJPEG, could cause the application to crash or, potentially, execute arbitrary code. (CVE-2016-9675)

Red Hat would like to thank Liu Bingchang (IIE) for reporting CVE-2016-9573. The CVE-2016-9675 issue was discovered by Doran Moppert (Red Hat Product Security).

Security Fix(es) :

  - Multiple integer overflow flaws, leading to heap-based     buffer overflows, were found in OpenJPEG. A specially     crafted JPEG2000 image could cause an application using     OpenJPEG to crash or, potentially, execute arbitrary     code. (CVE-2016-5139, CVE-2016-5158, CVE-2016-5159,     CVE-2016-7163)

  - An out-of-bounds read vulnerability was found in     OpenJPEG, in the j2k_to_image tool. Converting a     specially crafted JPEG2000 file to another format could     cause the application to crash or, potentially, disclose     some data from the heap. (CVE-2016-9573)

  - A heap-based buffer overflow vulnerability was found in     OpenJPEG. A specially crafted JPEG2000 image, when read     by an application using OpenJPEG, could cause the     application to crash or, potentially, execute arbitrary     code. (CVE-2016-9675)

The remote OracleVM system is missing necessary patches to address critical security updates :

  - Revert previous changes in patch for (CVE-2016-5159)

  - Fix double free in patch for (CVE-2016-5139)

  - Fix memory leaks and invalid read in cio_bytein Related:
    #1419775

  - Add two more allocation checks to patch for     (CVE-2016-5159) Related: #1419775

  - Add patches for CVE-2016-5139, CVE-2016-5158,     (CVE-2016-5159) Related: #1419775

  - Fix patch name: CVE-2016-9675 => (CVE-2016-7163)     Related: #1419775

  - Add patch for (CVE-2016-9675)

  - Fix Coverity issues Resolves: #1419775

From Red Hat Security Advisory 2017:0838 :

An update for openjpeg is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

OpenJPEG is an open source library for reading and writing image files in JPEG2000 format.

Security Fix(es) :

* Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code. (CVE-2016-5139, CVE-2016-5158, CVE-2016-5159, CVE-2016-7163)

* An out-of-bounds read vulnerability was found in OpenJPEG, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap. (CVE-2016-9573)

* A heap-based buffer overflow vulnerability was found in OpenJPEG. A specially crafted JPEG2000 image, when read by an application using OpenJPEG, could cause the application to crash or, potentially, execute arbitrary code. (CVE-2016-9675)

Red Hat would like to thank Liu Bingchang (IIE) for reporting CVE-2016-9573. The CVE-2016-9675 issue was discovered by Doran Moppert (Red Hat Product Security).

Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code. (CVE-2016-5139 , CVE-2016-5158 , CVE-2016-5159 , CVE-2016-7163)

A vulnerability was found in the patch for CVE-2013-6045 for OpenJPEG.
A specially crafted JPEG2000 image, when read by an application using OpenJPEG, could cause heap-based buffer overflows leading to a crash or, potentially, arbitrary code execution. (CVE-2016-9675)

Security Fix(es) :

  - Multiple integer overflow flaws, leading to heap-based     buffer overflows, were found in OpenJPEG. A specially     crafted JPEG2000 image could cause an application using     OpenJPEG to crash or, potentially, execute arbitrary     code. (CVE-2016-5139, CVE-2016-5158, CVE-2016-5159,     CVE-2016-7163)

  - A vulnerability was found in the patch for CVE-2013-6045     for OpenJPEG. A specially crafted JPEG2000 image, when     read by an application using OpenJPEG, could cause     heap-based buffer overflows leading to a crash or,     potentially, arbitrary code execution. (CVE-2016-9675)

An update for openjpeg is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

OpenJPEG is an open source library for reading and writing image files in JPEG2000 format.

Security Fix(es) :

* Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code. (CVE-2016-5139, CVE-2016-5158, CVE-2016-5159, CVE-2016-7163)

* A vulnerability was found in the patch for CVE-2013-6045 for OpenJPEG. A specially crafted JPEG2000 image, when read by an application using OpenJPEG, could cause heap-based buffer overflows leading to a crash or, potentially, arbitrary code execution.
(CVE-2016-9675)

The CVE-2016-9675 issue was discovered by Doran Moppert (Red Hat Product Security).

From Red Hat Security Advisory 2017:0559 :

An update for openjpeg is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

OpenJPEG is an open source library for reading and writing image files in JPEG2000 format.

Security Fix(es) :

* Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code. (CVE-2016-5139, CVE-2016-5158, CVE-2016-5159, CVE-2016-7163)

* A vulnerability was found in the patch for CVE-2013-6045 for OpenJPEG. A specially crafted JPEG2000 image, when read by an application using OpenJPEG, could cause heap-based buffer overflows leading to a crash or, potentially, arbitrary code execution.
(CVE-2016-9675)

The CVE-2016-9675 issue was discovered by Doran Moppert (Red Hat Product Security).

ID	Name	Product	Family	Severity
127382	NewStart CGSL MAIN 4.05 : openjpeg Multiple Vulnerabilities (NS-SA-2019-0129)	Nessus	NewStart CGSL Local Security Checks	high
101442	Virtuozzo 7 : openjpeg / openjpeg-devel / openjpeg-libs (VZLSA-2017-0838)	Nessus	Virtuozzo Local Security Checks	high
101440	Virtuozzo 6 : openjpeg / openjpeg-devel / openjpeg-libs (VZLSA-2017-0559)	Nessus	Virtuozzo Local Security Checks	high
100683	EulerOS 2.0 SP1 : openjpeg (EulerOS-SA-2017-1088)	Nessus	Huawei Local Security Checks	high
99905	EulerOS 2.0 SP2 : openjpeg (EulerOS-SA-2017-1060)	Nessus	Huawei Local Security Checks	high
99041	CentOS 7 : openjpeg (CESA-2017:0838)	Nessus	CentOS Local Security Checks	high
97935	Scientific Linux Security Update : openjpeg on SL7.x x86_64 (20170322)	Nessus	Scientific Linux Local Security Checks	high
97911	RHEL 7 : openjpeg (RHSA-2017:0838)	Nessus	Red Hat Local Security Checks	high
97908	OracleVM 3.3 / 3.4 : openjpeg (OVMSA-2017-0048)	Nessus	OracleVM Local Security Checks	high
97907	Oracle Linux 7 : openjpeg (ELSA-2017-0838)	Nessus	Oracle Linux Local Security Checks	high
97897	Amazon Linux AMI : openjpeg (ALAS-2017-807)	Nessus	Amazon Linux Local Security Checks	high
97846	Scientific Linux Security Update : openjpeg on SL6.x i386/x86_64 (20170319)	Nessus	Scientific Linux Local Security Checks	high
97837	CentOS 6 : openjpeg (CESA-2017:0559)	Nessus	CentOS Local Security Checks	high
97823	RHEL 6 : openjpeg (RHSA-2017:0559)	Nessus	Red Hat Local Security Checks	high
97821	Oracle Linux 6 : openjpeg (ELSA-2017-0559)	Nessus	Oracle Linux Local Security Checks	high

Detections

Analytics

CVE-2016-9675

high

Tenable Plugins

high

high

high

high

high

high

high

high

high

high

high

high

high

high

high