CVE-2016-9572 - NULL Pointer Dereference vulnerability in multiple products

CVSS 6.5 - MEDIUM
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: HIGH
Tags: network, low complexity, uclouvain, debian, CWE-476, nessus

Summary

A NULL pointer dereference flaw was found in the way openjpeg 2.1.2 decoded certain input images. Due to a logic error in the code responsible for decoding the input image, an application using openjpeg to process image data could crash when processing a crafted image.

Vulnerable Configurations

Part         Description  Count
Application  Uclouvain    1
OS           Debian       1

Common Weakness Enumeration (CWE)

Nessus

  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2016-89EE54C661.NASL
    description: This update fixes CVE-2016-9580 and CVE-2016-9581. ---- This update adds a patch to fix CVE-2016-9573 and CVE-2016-9572. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-05
    modified: 2017-01-03
    plugin id: 96211
    published: 2017-01-03
    reporter: This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/96211
    title: Fedora 25 : mingw-openjpeg2 (2016-89ee54c661)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2016-FC8577BF00.NASL
    description: This update adds a patch to fix CVE-2016-9573 and CVE-2016-9572.
    last seen: 2020-06-05
    modified: 2016-12-12
    plugin id: 95692
    published: 2016-12-12
    reporter: This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/95692
    title: Fedora 25 : openjpeg2 (2016-fc8577bf00)
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-3768.NASL
    description: Multiple vulnerabilities in OpenJPEG, a JPEG 2000 image compression / decompression library, may result in denial of service or the execution of arbitrary code if a malformed JPEG 2000 file is processed.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 96667
    published: 2017-01-23
    reporter: This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/96667
    title: Debian DSA-3768-1 : openjpeg2 - security update
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_SU-2016-3270-1.NASL
    description: This update for openjpeg2 fixes the following issues:
      - CVE-2016-9114: NULL pointer Access in function imagetopnm of convert.c:1943(jp2) could lead to crash [bsc#1007740]
      - CVE-2016-9115: Heap Buffer Overflow in function imagetotga of convert.c(jp2) [bsc#1007741]
      - CVE-2016-9580, CVE-2016-9581: Possible Heap buffer overflow via integer overflow and infinite loop [bsc#1014975]
      - CVE-2016-9117: NULL pointer Access in function imagetopnm of convert.c(jp2):1289 [bsc#1007743]
      - CVE-2016-9118: Heap Buffer Overflow in function pnmtoimage of convert.c [bsc#1007744]
      - CVE-2016-9112: FPE(Floating Point Exception) in lib/openjp2/pi.c:523 [bsc#1007747]
      - CVE-2016-9116: NULL pointer Access in function imagetopnm of convert.c:2226(jp2) [bsc#1007742]
      - CVE-2016-9113: NULL pointer dereference in function imagetobmp of convertbmp.c could lead to crash [bsc#1007739]
      - CVE-2016-9572, CVE-2016-9573: Insufficient check in imagetopnm() could lead to heap buffer overflow [bsc#1014543]
      - CVE-2016-8332: Malicious file in OpenJPEG JPEG2000 format could lead to code execution [bsc#1002414]
      - CVE-2016-7445: NULL pointer dereference in convert.c could lead to crash [bsc#999817]
      Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 96147
    published: 2016-12-27
    reporter: This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/96147
    title: SUSE SLED12 / SLES12 Security Update : openjpeg2 (SUSE-SU-2016:3270-1)
  • NASL family: Slackware Local Security Checks
    NASL id: SLACKWARE_SSA_2017-279-02.NASL
    description: New openjpeg packages are available for Slackware 14.2 and -current to fix security issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 103704
    published: 2017-10-09
    reporter: This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/103704
    title: Slackware 14.2 / current : openjpeg (SSA:2017-279-02)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2016-0B80DCFE5A.NASL
    description: This update adds a patch to fix CVE-2016-9573 and CVE-2016-9572.
    last seen: 2020-06-05
    modified: 2016-12-12
    plugin id: 95669
    published: 2016-12-12
    reporter: This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/95669
    title: Fedora 24 : openjpeg2 (2016-0b80dcfe5a)
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2017-120.NASL
    description: This update for openjpeg2 fixes the following issues:
      - CVE-2016-9572, CVE-2016-9573: Insufficient check in imagetopnm() could lead to heap buffer overflow [bsc#1014543]
      - CVE-2016-9580, CVE-2016-9581: Possible Heap buffer overflow via integer overflow and infinite loop [bsc#1014975]
      - CVE-2016-7445: NULL pointer dereference in convert.c could lead to crash [bsc#999817]
      - CVE-2016-8332: Malicious file in OpenJPEG JPEG2000 format could lead to code execution [bsc#1002414]
      - CVE-2016-9112: FPE(Floating Point Exception) in lib/openjp2/pi.c:523 [bsc#1007747]
      - CVE-2016-9113: NULL pointer dereference in function imagetobmp of convertbmp.c could lead to crash [bsc#1007739]
      - CVE-2016-9114: NULL pointer Access in function imagetopnm of convert.c:1943(jp2) could lead to crash [bsc#1007740]
      - CVE-2016-9115: Heap Buffer Overflow in function imagetotga of convert.c(jp2) [bsc#1007741]
      - CVE-2016-9116: NULL pointer Access in function imagetopnm of convert.c:2226(jp2) [bsc#1007742]
      - CVE-2016-9117: NULL pointer Access in function imagetopnm of convert.c(jp2):1289 [bsc#1007743]
      - CVE-2016-9118: Heap Buffer Overflow in function pnmtoimage of convert.c [bsc#1007744]
    last seen: 2020-06-05
    modified: 2017-01-20
    plugin id: 96646
    published: 2017-01-20
    reporter: This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/96646
    title: openSUSE Security Update : openjpeg2 (openSUSE-2017-120)
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2017-101.NASL
    description: This update for openjpeg2 fixes the following issues:
      - CVE-2016-9114: NULL pointer Access in function imagetopnm of convert.c:1943(jp2) could lead to crash [bsc#1007740]
      - CVE-2016-9115: Heap Buffer Overflow in function imagetotga of convert.c(jp2) [bsc#1007741]
      - CVE-2016-9580, CVE-2016-9581: Possible Heap buffer overflow via integer overflow and infinite loop [bsc#1014975]
      - CVE-2016-9117: NULL pointer Access in function imagetopnm of convert.c(jp2):1289 [bsc#1007743]
      - CVE-2016-9118: Heap Buffer Overflow in function pnmtoimage of convert.c [bsc#1007744]
      - CVE-2016-9112: FPE(Floating Point Exception) in lib/openjp2/pi.c:523 [bsc#1007747]
      - CVE-2016-9116: NULL pointer Access in function imagetopnm of convert.c:2226(jp2) [bsc#1007742]
      - CVE-2016-9113: NULL pointer dereference in function imagetobmp of convertbmp.c could lead to crash [bsc#1007739]
      - CVE-2016-9572, CVE-2016-9573: Insufficient check in imagetopnm() could lead to heap buffer overflow [bsc#1014543]
      - CVE-2016-8332: Malicious file in OpenJPEG JPEG2000 format could lead to code execution [bsc#1002414]
      - CVE-2016-7445: NULL pointer dereference in convert.c could lead to crash [bsc#999817]
      This update was imported from the SUSE:SLE-12-SP2:Update update project.
    last seen: 2020-06-05
    modified: 2017-01-18
    plugin id: 96577
    published: 2017-01-18
    reporter: This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/96577
    title: openSUSE Security Update : openjpeg2 (openSUSE-2017-101)
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-201710-26.NASL
    description: The remote host is affected by the vulnerability described in GLSA-201710-26 (OpenJPEG: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in OpenJPEG. Please review the references below for details.
      Impact: A remote attacker, via a crafted BMP, PDF, or j2k document, could execute arbitrary code, cause a Denial of Service condition, or have other unspecified impacts.
      Workaround: There is no known workaround at this time.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 104069
    published: 2017-10-23
    reporter: This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/104069
    title: GLSA-201710-26 : OpenJPEG: Multiple vulnerabilities
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2016-52A1B18397.NASL
    description: This update fixes CVE-2016-9580 and CVE-2016-9581. ---- This update adds a patch to fix CVE-2016-9573 and CVE-2016-9572.
    last seen: 2020-06-05
    modified: 2017-01-03
    plugin id: 96202
    published: 2017-01-03
    reporter: This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/96202
    title: Fedora 24 : mingw-openjpeg2 (2016-52a1b18397)
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2017-108.NASL
    description: This update for openjpeg2 fixes the following issues:
      - CVE-2016-9572, CVE-2016-9573: Insufficient check in imagetopnm() could lead to heap buffer overflow [bsc#1014543]
      - CVE-2016-9580, CVE-2016-9581: Possible Heap buffer overflow via integer overflow and infinite loop [bsc#1014975]
      - CVE-2016-7445: NULL pointer dereference in convert.c could lead to crash [bsc#999817]
      - CVE-2016-8332: Malicious file in OpenJPEG JPEG2000 format could lead to code execution [bsc#1002414]
      - CVE-2016-9112: FPE(Floating Point Exception) in lib/openjp2/pi.c:523 [bsc#1007747]
      - CVE-2016-9113: NULL pointer dereference in function imagetobmp of convertbmp.c could lead to crash [bsc#1007739]
      - CVE-2016-9114: NULL pointer Access in function imagetopnm of convert.c:1943(jp2) could lead to crash [bsc#1007740]
      - CVE-2016-9115: Heap Buffer Overflow in function imagetotga of convert.c(jp2) [bsc#1007741]
      - CVE-2016-9116: NULL pointer Access in function imagetopnm of convert.c:2226(jp2) [bsc#1007742]
      - CVE-2016-9117: NULL pointer Access in function imagetopnm of convert.c(jp2):1289 [bsc#1007743]
      - CVE-2016-9118: Heap Buffer Overflow in function pnmtoimage of convert.c [bsc#1007744]
    last seen: 2020-06-05
    modified: 2017-01-18
    plugin id: 96580
    published: 2017-01-18
    reporter: This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/96580
    title: openSUSE Security Update : openjpeg2 (openSUSE-2017-108)
  • NASL family: Databases
    NASL id: ORACLE_RDBMS_CPU_JUL_2019.NASL
    description: The remote Oracle Database Server is missing the July 2019 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities:
      - An unspecified vulnerability in the Spatial component of Oracle Database Server, which could allow an authenticated, remote attacker to cause a partial denial of service of Spatial. (CVE-2016-9572)
      - An unspecified vulnerability in the Core RDBMS component of Oracle Database Server, which could allow an unauthenticated, remote attacker to take over Core RDBMS (CVE-2018-11058)
      - An unspecified vulnerability in the Application Express component of Oracle Database Server, which could allow an authenticated, remote attacker to manipulate Application Express accessible data. (CVE-2019-2484)
      - An unspecified vulnerability in the Core RDBMS component of Oracle Database Server, which could allow an authenticated, local attacker complete access to all Core RDBMS accessible data. (CVE-2019-2569)
      - An unspecified vulnerability in the Java VM component of Oracle Database Server, which could allow an authenticated, remote attacker to manipulate Java VM accessible data or cause a complete denial of service of Java VM. (CVE-2019-2749)
      - An unspecified vulnerability in the Oracle Text component of Oracle Database Server, which could allow an authenticated, remote attacker to read a subset of Oracle Text accessible data or cause a partial denial of service of Oracle Text. (CVE-2019-2753)
      - An unspecified vulnerability in the Core RDBMS component of Oracle Database Server, which could allow an authenticated, remote attacker complete access to all Core RDBMS accessible data. (CVE-2019-2776)
      - An unspecified vulnerability in the Oracle ODBC Driver component of Oracle Database Server, which could allow an authenticated, remote attacker to take over Oracle ODBC Driver. Note this vulnerability only affects the Windows platform. (CVE-2019-2799)
      Note that Nessus has not tested for these issues but has instead relied only on the application
    last seen: 2020-06-02
    modified: 2019-07-19
    plugin id: 126830
    published: 2019-07-19
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/126830
    title: Oracle Database Server Multiple Vulnerabilities (Jul 2019 CPU)