Critical severity9.8NVD Advisory· Published Sep 21, 2016· Updated May 6, 2026
CVE-2015-8871
CVE-2015-8871
Description
Use-after-free vulnerability in the opj_j2k_write_mco function in j2k.c in OpenJPEG before 2.1.1 allows remote attackers to have unspecified impact via unknown vectors.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- github.com/uclouvain/openjpeg/commit/940100c28ae28931722290794889cf84a92c5f6fnvdIssue TrackingPatch
- github.com/uclouvain/openjpeg/issues/563nvdIssue TrackingPatch
- www.debian.org/security/2016/dsa-3665nvdThird Party Advisory
- www.openwall.com/lists/oss-security/2015/09/15/4nvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2016/05/13/1nvdMailing ListThird Party Advisory
- github.com/uclouvain/openjpeg/blob/master/CHANGELOG.mdnvdRelease NotesThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue Tracking
- www.securitytracker.com/id/1038623nvd
- security.gentoo.org/glsa/201612-26nvd
News mentions
0No linked articles in our index yet.