| Revision Date: | 2017-02-03 | Version: | 1 | | Title: | CVE-2016-4796 on Ubuntu 16.04 LTS (xenial) - medium. | | Description: | Heap-based buffer overflow in the color_cmyk_to_rgb in common/color.c in OpenJPEG before 2.1.1 allows remote attackers to cause a denial of service (crash) via a crafted .j2k file.
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2016-4796
| | Platform(s): | Ubuntu 16.04 LTS
| Product(s): | | | Definition Synopsis | | Ubuntu 16.04 LTS (xenial) is installed. AND Package Information
NOT libopenjpeg-java package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT libopenjpeg5 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT openjpeg-tools package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT openjpip-dec-server package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT openjpip-server package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT openjpip-viewer package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT openjpip-viewer-xerces package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT libopenjp2-7 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT libopenjp2-tools package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT libopenjp3d-tools package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT libopenjp3d7 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT libopenjpip-dec-server package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT libopenjpip-server package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT libopenjpip-viewer package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
OR NOT libopenjpip7 package in xenial, while related to the CVE in some way, is not affected (note: 'code not present').
|
|