CVE-2016-9573

Published: 01 August 2018

An out-of-bounds read vulnerability was found in OpenJPEG 2.1.2, in the j2k_to_image tool. Converting a specially crafted JPEG2000 file to another format could cause the application to crash or, potentially, disclose some data from the heap.

Priority

Medium

CVSS 3 base score: 8.1

Status

Package Release Status
openjpeg2
Launchpad, Ubuntu, Debian
Upstream
Released (2.2.0)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(2.1.2-1.1)
Ubuntu 16.04 ESM (Xenial Xerus)
Released (2.1.2-1.1+deb9u2build0.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist