oss-sec mailing list archives

Re: CVE request - OpenJPEG : Out-Of-Bounds Read in sycc422_to_rgb function

From: cve-assign () mitre org
Date: Wed, 16 Mar 2016 15:46:17 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

A specially crafted JPEG2000 image file can force Out-Of-Bounds Read

opj_decompress -o image.pgm -i oob_sycc422_to_rgb.j2k

Program received signal SIGSEGV, Segmentation fault.


Use CVE-2016-3183.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJW6bbPAAoJEL54rhJi8gl5ZG0QAMvFedBeok1d3Y5AzP83yCMW
moXc10NZwmWICRH+GWTFXr5dnKuPkK6Ia0DRQmptKBnQgBUfMJEH3ARp0b94W1GN
FPPbegyZaHNRba5i/UX1T9020v55rYxVjs0997QJWSnXWSbO+G900IbkXgIaU+cs
wv07+21oh9iwmVCgd5pkgOPD4Z2QHA30JfAZe4OVT4NwgdryVnEGr8vHvXeJU1P9
MG8ouU8RXyMmbr/mklhbHmuaL/iGq8b7q5YrdW2AELBnsVf5XNmH9S4X9bss0Zge
eOuPN9o3KYQcUnxFF2iQncw7zoQHlh/vZEZY+6E3II/QqbUUGM7l9j1xOAQCKPrf
S6xP4r5xgoHyy9a8USTLkQhMqjn84oHStEohmqHgF1NfD2il4lJpK97irkZn33pY
Y5uin3hM70h8DCZBfG02BfjrL0mMCwbIXpWHX0lsmPRl5MNIsfoyqdwNF4hLM2J2
vrAjFxV1eZV696EaH1BhNeIjc6h2hufISWFpqkTP6d1/XHp08cej90BQaAJ9rTCQ
ozg9qJ/eeeACYwVbtD8z24a71wWqwqEa68XhO2wzQ/4KhUWcf1f90rt1SpcMo4jV
TmC6R53XqH9SbpkwLFsxmABvaS3scFjEylWlm6evQWGynzpKqp5ecn9wAu7cxy9F
4+FZb84Nk+ai1gcGtuyx
=laRf
-----END PGP SIGNATURE-----

Current thread:

CVE request - OpenJPEG : Out-Of-Bounds Read in sycc422_to_rgb function 刘科 (Mar 14)
- Re: CVE request - OpenJPEG : Out-Of-Bounds Read in sycc422_to_rgb function cve-assign (Mar 16)