Home

CVE-2016-5159

Description

Multiple integer overflows in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data that is mishandled during opj_aligned_malloc calls in dwt.c and t1.c.

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
1.26

Associated Vulnerability

VulnerabilityOS Platform
Updates for Google Chrome (66.0.3359.170)Windows
Updates for Google Chrome (x64) (66.0.3359.170)Windows
Updates for Google Chrome (66.0.3359.181)Windows
Updates for Google Chrome (x64) (66.0.3359.181)Windows
Updates for Google Chrome (67.0.3396.62)Windows
Updates for Google Chrome (x64) (67.0.3396.62)Windows
Updates for Google Chrome (67.0.3396.79)Windows
Updates for Google Chrome (x64) (67.0.3396.79)Windows
Updates for Google Chrome (67.0.3396.87)Windows
Updates for Google Chrome (x64) (67.0.3396.87)Windows
Google Chrome (67.0.3396.99)Windows
Google Chrome (x64) (67.0.3396.99)Windows
Multiple vulnerabilities fixed in Chrome 53.0.2785.89Windows
Multiple vulnerabilities fixed in Chrome 53.0.2785.92Windows
Multiple vulnerabilities fixed in Chrome (x64) 53.0.2785.89Windows
Multiple vulnerabilities fixed in Chrome (x64) 53.0.2785.92Windows
Multiple vulnerabilities are fixed in Update for Google Chrome For Mac (53.0.2785.89)Mac
Multiple vulnerabilities are fixed in Google Chrome for Mac 53.0.2785.92Mac
Openjpeg security update (CESA-2017:0559) openjpeg-1.3-16.el6_8.i686.rpmLinux
Openjpeg security update (CESA-2017:0559) openjpeg-1.3-16.el6_8.x86_64.rpmLinux
Openjpeg security update (CESA-2017:0559) openjpeg-libs-1.3-16.el6_8.i686.rpmLinux
Openjpeg security update (CESA-2017:0559) openjpeg-libs-1.3-16.el6_8.x86_64.rpmLinux
Openjpeg security update (CESA-2017:0559) openjpeg-devel-1.3-16.el6_8.i686.rpmLinux
Openjpeg security update (CESA-2017:0559) openjpeg-devel-1.3-16.el6_8.x86_64.rpmLinux
(RHSA-2017:0559) Moderate: openjpeg security update openjpeg-1.3-16.el6_8.i686.rpmLinux
(RHSA-2017:0559) Moderate: openjpeg security update openjpeg-1.3-16.el6_8.x86_64.rpmLinux
(RHSA-2017:0559) Moderate: openjpeg security update openjpeg-devel-1.3-16.el6_8.i686.rpmLinux
(RHSA-2017:0559) Moderate: openjpeg security update openjpeg-devel-1.3-16.el6_8.x86_64.rpmLinux
(RHSA-2017:0559) Moderate: openjpeg security update openjpeg-libs-1.3-16.el6_8.i686.rpmLinux
(RHSA-2017:0559) Moderate: openjpeg security update openjpeg-libs-1.3-16.el6_8.x86_64.rpmLinux
Openjpeg update (ELSA-2017-0559) openjpeg-1.3-16.el6_8.x86_64.rpmLinux
Openjpeg-devel update (ELSA-2017-0559) openjpeg-devel-1.3-16.el6_8.x86_64.rpmLinux
Openjpeg-libs update (ELSA-2017-0559) openjpeg-libs-1.3-16.el6_8.x86_64.rpmLinux
Openjpeg update (ELSA-2017-0559) openjpeg-1.3-16.el6_8.i686.rpmLinux
Openjpeg-devel update (ELSA-2017-0559) openjpeg-devel-1.3-16.el6_8.i686.rpmLinux
Openjpeg-libs update (ELSA-2017-0559) openjpeg-libs-1.3-16.el6_8.i686.rpmLinux
Updates for Google Chrome (66.0.3359.170) (For Ubuntu)Linux
Updates for Google Chrome (66.0.3359.170) (For Debian)Linux
Updates for Google Chrome (66.0.3359.181) (For Debian)Linux
Updates for Google Chrome (67.0.3396.62) (For Debian)Linux
Updates for Google Chrome (67.0.3396.79) (For Debian)Linux
Updates for Google Chrome (67.0.3396.87) (For Debian)Linux
Google Chrome (67.0.3396.99) (For Debian)Linux
Multiple vulnerabilities fixed in Chrome 53.0.2785.89 (For Debian)Linux
Multiple vulnerabilities fixed in Chrome 53.0.2785.92 (For Debian)Linux
Updates for Google Chrome (66.0.3359.170) (For Centos)Linux
Updates for Google Chrome (66.0.3359.181) (For Centos)Linux
Updates for Google Chrome (67.0.3396.62) (For Centos)Linux
Updates for Google Chrome (67.0.3396.79) (For Centos)Linux
Updates for Google Chrome (67.0.3396.87) (For Centos)Linux
Google Chrome (67.0.3396.99) (For Centos)Linux
Multiple vulnerabilities fixed in Chrome 53.0.2785.89 (For Centos)Linux
Multiple vulnerabilities fixed in Chrome 53.0.2785.92 (For Centos)Linux
Updates for Google Chrome (66.0.3359.170) (For RedHat)Linux
Updates for Google Chrome (66.0.3359.181) (For RedHat)Linux
Updates for Google Chrome (67.0.3396.62) (For RedHat)Linux
Updates for Google Chrome (67.0.3396.79) (For RedHat)Linux
Updates for Google Chrome (67.0.3396.87) (For RedHat)Linux
Google Chrome (67.0.3396.99) (For RedHat)Linux
Multiple vulnerabilities fixed in Chrome 53.0.2785.89 (For RedHat)Linux
Multiple vulnerabilities fixed in Chrome 53.0.2785.92 (For RedHat)Linux
Updates for Google Chrome (66.0.3359.170) (For Suse)Linux
Updates for Google Chrome (66.0.3359.181) (For Suse)Linux
Updates for Google Chrome (67.0.3396.62) (For Suse)Linux
Updates for Google Chrome (67.0.3396.79) (For Suse)Linux
Updates for Google Chrome (67.0.3396.87) (For Suse)Linux
Google Chrome (67.0.3396.99) (For Suse)Linux
Multiple vulnerabilities fixed in Chrome 53.0.2785.89 (For Suse)Linux
Multiple vulnerabilities fixed in Chrome 53.0.2785.92 (For Suse)Linux
Updates for Google Chrome (66.0.3359.181) (For Ubuntu)Linux
Updates for Google Chrome (67.0.3396.62) (For Ubuntu)Linux
Updates for Google Chrome (67.0.3396.79) (For Ubuntu)Linux
Updates for Google Chrome (67.0.3396.87) (For Ubuntu)Linux
Google Chrome (67.0.3396.99) (For Ubuntu)Linux
Multiple vulnerabilities fixed in Chrome 53.0.2785.89 (For Ubuntu)Linux
Multiple vulnerabilities fixed in Chrome 53.0.2785.92 (For Ubuntu)Linux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-307513Updates for Google Chrome (66.0.3359.170)
PATCH-307515Updates for Google Chrome (x64) (66.0.3359.170)
PATCH-307534Updates for Google Chrome (66.0.3359.181)
PATCH-307535Updates for Google Chrome (x64) (66.0.3359.181)
PATCH-307607Updates for Google Chrome (67.0.3396.62)
PATCH-307608Updates for Google Chrome (x64) (67.0.3396.62)
PATCH-307641Updates for Google Chrome (67.0.3396.79)
PATCH-307644Updates for Google Chrome (x64) (67.0.3396.79)
PATCH-307660Updates for Google Chrome (67.0.3396.87)
PATCH-307662Updates for Google Chrome (x64) (67.0.3396.87)
PATCH-307715Google Chrome (67.0.3396.99)
PATCH-307716Google Chrome (x64) (67.0.3396.99)
PATCH-313038Google Chrome (80.0.3987.122)
PATCH-313038Google Chrome (80.0.3987.122)
PATCH-313039Google Chrome (x64) (80.0.3987.122)
PATCH-313039Google Chrome (x64) (80.0.3987.122)
PATCH-609673Google Chrome for Mac (132.0.6834.83, 132.0.6834.84)
PATCH-611995Google Chrome for Mac (140.0.7339.132 , 140.0.7339.133)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234