trylab

3 exploits Active since Sep 2016
CVE-2016-7163 WRITEUP HIGH WRITEUP
OpenJPEG < 2.2.0 - Remote Code Execution via Integer Overflow in opj_pi_create_decode
Integer overflow in the opj_pi_create_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.
CVSS 7.8
CVE-2016-7445 WRITEUP HIGH WRITEUP
OpenJPEG < 2.1.2 - Denial of Service via NULL Pointer Dereference in convert.c
convert.c in OpenJPEG before 2.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors involving the variable s.
CVSS 7.5
CVE-2016-7568 WRITEUP CRITICAL WRITEUP
libgd < 2.2.3 - Integer Overflow in gdImageWebpCtx
Integer overflow in the gdImageWebpCtx function in gd_webp.c in the GD Graphics Library (aka libgd) through 2.2.3, as used in PHP through 7.0.11, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted imagewebp and imagedestroy calls.
CVSS 9.8