High severity8.8NVD Advisory· Published Sep 11, 2016· Updated May 6, 2026
CVE-2016-5152
CVE-2016-5152
Description
Integer overflow in the opj_tcd_get_decoded_tile_size function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data.
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
13- lists.opensuse.org/opensuse-security-announce/2016-09/msg00003.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-09/msg00004.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-09/msg00008.htmlnvd
- lists.opensuse.org/opensuse-updates/2016-09/msg00073.htmlnvd
- rhn.redhat.com/errata/RHSA-2016-1854.htmlnvd
- www.debian.org/security/2016/dsa-3660nvd
- www.debian.org/security/2017/dsa-4013nvd
- www.securityfocus.com/bid/92717nvd
- www.securitytracker.com/id/1036729nvd
- codereview.chromium.org/2182683002nvd
- crbug.com/629919nvd
- googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.htmlnvd
- security.gentoo.org/glsa/201610-09nvd
News mentions
0No linked articles in our index yet.