Vulnerability Details : CVE-2016-7163
Potential exploit
Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.
Vulnerability category: OverflowExecute code
Products affected by CVE-2016-7163
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
- cpe:2.3:a:uclouvain:openjpeg:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-7163
0.96%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 83 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-7163
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2016-7163
-
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-7163
-
http://rhn.redhat.com/errata/RHSA-2017-0559.html
RHSA-2017:0559 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.debian.org/security/2016/dsa-3665
Debian -- Security Information -- DSA-3665-1 openjpeg2Third Party Advisory
-
http://www.securityfocus.com/bid/92897
OpenJPEG CVE-2016-7163 Integer Overflow VulnerabilityThird Party Advisory;VDB Entry
-
https://github.com/uclouvain/openjpeg/commit/c16bc057ba3f125051c9966cf1f5b68a05681de4
Fix an integer overflow issue (#809) · uclouvain/openjpeg@c16bc05 · GitHubIssue Tracking;Patch;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQ2IIIQSJ3J4MONBOGCG6XHLKKJX2HKM/
[SECURITY] Fedora 23 Update: openjpeg2-2.1.1-3.fc23 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/66BWMMMWXH32J5AOGLAJGZA3GH5LZHXH/
[SECURITY] Fedora 25 Update: openjpeg2-2.1.1-3.fc25 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://github.com/uclouvain/openjpeg/commit/ef01f18dfc6780b776d0674ed3e7415c6ef54d24
Cast to size_t before multiplication · uclouvain/openjpeg@ef01f18 · GitHubIssue Tracking;Patch;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2016/09/08/3
oss-security - CVE Request: OpenJPEG Integer Overflow IssueMailing List;Third Party Advisory
-
https://github.com/uclouvain/openjpeg/issues/826
CVE-2016-7163 Integer overflow in opj_pi_create_decode · Issue #826 · uclouvain/openjpeg · GitHubExploit;Issue Tracking;Patch;Third Party Advisory
-
https://github.com/uclouvain/openjpeg/pull/809
Fix an integer overflow issue by trylab · Pull Request #809 · uclouvain/openjpeg · GitHubIssue Tracking;Patch;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JYLOX7PZS3ZUHQ6RGI3M6H27B7I5ZZ26/
[SECURITY] Fedora 23 Update: mingw-openjpeg2-2.1.1-3.fc23 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
http://www.openwall.com/lists/oss-security/2016/09/08/6
oss-security - Re: CVE Request: OpenJPEG Integer Overflow IssueMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YGKSEWWWED77Q5ZHK4OA2EKSJXLRU3MK/
[SECURITY] Fedora 24 Update: openjpeg2-2.1.1-3.fc24 - package-announce - Fedora Mailing-ListsThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2017-0838.html
RHSA-2017:0838 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4IRSGYMBSHCBZP23CUDIRJ3LBKH6ZJ7/
[SECURITY] Fedora 24 Update: mingw-openjpeg2-2.1.1-3.fc24 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2T6IQAMS4W65MGP7UW5FPE22PXELTK5D/
[SECURITY] Fedora 25 Update: mingw-openjpeg2-2.1.1-3.fc25 - package-announce - Fedora Mailing-ListsMailing List;Third Party Advisory
Jump to