Heap-based Buffer Overflow in OpenJPEG Allows Remote Code Execution

Heap-based Buffer Overflow in OpenJPEG Allows Remote Code Execution

CVE-2016-5157 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute arbitrary code via crafted coordinate values in JPEG 2000 data.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.