This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote EulerOS host is missing multiple security updates.
According to the versions of the openjpeg package installed, the
EulerOS installation on the remote host is affected by the following
- Multiple integer overflow flaws, leading to heap-based
buffer overflows, were found in OpenJPEG. A specially
crafted JPEG2000 image could cause an application using
OpenJPEG to crash or, potentially, execute arbitrary
code. (CVE-2016-5139, CVE-2016-5158, CVE-2016-5159,
- An out-of-bounds read vulnerability was found in
OpenJPEG, in the j2k_to_image tool. Converting a
specially crafted JPEG2000 file to another format could
cause the application to crash or, potentially,
disclose some data from the heap. (CVE-2016-9573)
- A heap-based buffer overflow vulnerability was found in
OpenJPEG. A specially crafted JPEG2000 image, when read
by an application using OpenJPEG, could cause the
application to crash or, potentially, execute arbitrary
Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
See also :
Update the affected openjpeg packages.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.5
Public Exploit Available : false
Family: Huawei Local Security Checks
Nessus Plugin ID: 100683 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now