Vulnerability Details: CVE-2016-5157
Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute arbitrary code via crafted coordinate values in JPEG 2000 data.
Vulnerability category: Overflow, Execute code
Products affected by CVE-2016-5157
- cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-5157
- 3.50%: Probability of exploitation activity in the next 30 days
- ~92%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-5157
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P | 8.6 | 6.4 | NIST | |
8.8 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H | 2.8 | 5.9 | NIST | |
CWE ids for CVE-2016-5157
- The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-5157
- http://www.debian.org/security/2016/dsa-3660
  Debian -- Security Information -- DSA-3660-1 chromium-browser
- http://www.openwall.com/lists/oss-security/2016/09/08/5
  oss-security - Re: CVE Request: OpenJPEG Heap Buffer Overflow Issue [Mailing List]
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQ2IIIQSJ3J4MONBOGCG6XHLKKJX2HKM/
  [SECURITY] Fedora 23 Update: openjpeg2-2.1.1-3.fc23 - package-announce - Fedora Mailing-Lists [Third Party Advisory]
- http://www.securityfocus.com/bid/92717
  Google Chrome Prior to 53.0.2785.89 Multiple Security Vulnerabilities
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66BWMMMWXH32J5AOGLAJGZA3GH5LZHXH/
  [SECURITY] Fedora 25 Update: openjpeg2-2.1.1-3.fc25 - package-announce - Fedora Mailing-Lists [Third Party Advisory]
- http://rhn.redhat.com/errata/RHSA-2016-1854.html
  RHSA-2016:1854 - Security Advisory - Red Hat Customer Portal
- http://www.securitytracker.com/id/1036729
  Google Chrome Multiple Flaws Lets Remote Users Bypass Security Restrictions, Conduct Cross-Site Scripting Attacks, Spoof URLs, and Execute Arbitrary Code - SecurityTracker
- https://crbug.com/632622
  Sign in - Google Accounts [Permissions Required]
- http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00003.html
  [security-announce] openSUSE-SU-2016:2250-1: important: Security update
- http://lists.opensuse.org/opensuse-updates/2016-09/msg00073.html
  openSUSE-SU-2016:2349-1: moderate: Security update for opera [Third Party Advisory]
- http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00008.html
  [security-announce] openSUSE-SU-2016:2296-1: important: Security update
- http://www.debian.org/security/2017/dsa-4013
  Debian -- Security Information -- DSA-4013-1 openjpeg2
- https://security.gentoo.org/glsa/201610-09
  Chromium: Multiple vulnerabilities (GLSA 201610-09) — Gentoo security
- https://bugzilla.redhat.com/show_bug.cgi?id=1374337
  1374337 – openjpeg: Heap buffer overflow in opj_dwt_interleave_v in dwt.c [Issue Tracking; Third Party Advisory]
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JYLOX7PZS3ZUHQ6RGI3M6H27B7I5ZZ26/
  [SECURITY] Fedora 23 Update: mingw-openjpeg2-2.1.1-3.fc23 - package-announce - Fedora Mailing-Lists [Issue Tracking; Third Party Advisory; VDB Entry]
- http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00004.html
  [security-announce] SUSE-SU-2016:2251-1: important: Security update for
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YGKSEWWWED77Q5ZHK4OA2EKSJXLRU3MK/
  [SECURITY] Fedora 24 Update: openjpeg2-2.1.1-3.fc24 - package-announce - Fedora Mailing-Lists [Third Party Advisory]
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4IRSGYMBSHCBZP23CUDIRJ3LBKH6ZJ7/
  [SECURITY] Fedora 24 Update: mingw-openjpeg2-2.1.1-3.fc24 - package-announce - Fedora Mailing-Lists [Third Party Advisory]
- https://pdfium.googlesource.com/pdfium/+/b6befb2ed2485a3805cddea86dc7574510178ea9
  b6befb2ed2485a3805cddea86dc7574510178ea9 - pdfium - Git at Google [Issue Tracking]
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2T6IQAMS4W65MGP7UW5FPE22PXELTK5D/
  [SECURITY] Fedora 25 Update: mingw-openjpeg2-2.1.1-3.fc25 - package-announce - Fedora Mailing-Lists [Third Party Advisory]
- https://github.com/uclouvain/openjpeg/commit/e078172b1c3f98d2219c37076b238fb759c751ea
  Add sanity check for tile coordinates (#823) · uclouvain/openjpeg@e078172 · GitHub [Issue Tracking]
- https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html
  Chrome Releases: Stable Channel Update for Desktop [Vendor Advisory]