What is the severity of CVE-2016-5158?

CVE-2016-5158 has a moderate severity level as it allows remote attackers to cause a denial of service due to heap-based buffer overflow.

How do I fix CVE-2016-5158?

To mitigate CVE-2016-5158, update Google Chrome to version 53.0.2785.89 or later, or upgrade your affected OpenSUSE version beyond 42.1.

Which software is affected by CVE-2016-5158?

CVE-2016-5158 affects Google Chrome versions up to 52.0.2743.116 and OpenSUSE Leap 42.1.

Can CVE-2016-5158 lead to data loss?

While CVE-2016-5158 primarily causes denial of service, it may potentially lead to data loss if the application crashes during critical operations.

Is CVE-2016-5158 exploitative in nature?

Yes, attackers can exploit CVE-2016-5158 to crash the application or potentially execute arbitrary code, thus posing a security risk.

Vulnerability/
CVE-2016-5158

high

8.8

CWE

119 190

11/9/2016

6/8/2024

CVE-2016-5158: Buffer Overflow

First published: Sun Sep 11 2016(Updated: )

Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data.

Credit: cve-coordination@google.com

Affected Software	Affected Version	How to fix
openSUSE	=42.1
Google Chrome	<=52.0.2743.116

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-5158?
CVE-2016-5158 has a moderate severity level as it allows remote attackers to cause a denial of service due to heap-based buffer overflow.
How do I fix CVE-2016-5158?
To mitigate CVE-2016-5158, update Google Chrome to version 53.0.2785.89 or later, or upgrade your affected OpenSUSE version beyond 42.1.
Which software is affected by CVE-2016-5158?
CVE-2016-5158 affects Google Chrome versions up to 52.0.2743.116 and OpenSUSE Leap 42.1.
Can CVE-2016-5158 lead to data loss?
While CVE-2016-5158 primarily causes denial of service, it may potentially lead to data loss if the application crashes during critical operations.
Is CVE-2016-5158 exploitative in nature?
Yes, attackers can exploit CVE-2016-5158 to crash the application or potentially execute arbitrary code, thus posing a security risk.

agent/references
agent/weakness
agent/type
agent/softwarecombine
agent/author
agent/severity
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/opensuse
canonical/opensuse
version/opensuse/42.1
vendor/google
canonical/google chrome
version/google chrome/52.0.2743.116

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

Frequently Asked Questions

What is the severity of CVE-2016-5158?
CVE-2016-5158 has a moderate severity level as it allows remote attackers to cause a denial of service due to heap-based buffer overflow.
How do I fix CVE-2016-5158?
To mitigate CVE-2016-5158, update Google Chrome to version 53.0.2785.89 or later, or upgrade your affected OpenSUSE version beyond 42.1.
Which software is affected by CVE-2016-5158?
CVE-2016-5158 affects Google Chrome versions up to 52.0.2743.116 and OpenSUSE Leap 42.1.
Can CVE-2016-5158 lead to data loss?
While CVE-2016-5158 primarily causes denial of service, it may potentially lead to data loss if the application crashes during critical operations.
Is CVE-2016-5158 exploitative in nature?
Yes, attackers can exploit CVE-2016-5158 to crash the application or potentially execute arbitrary code, thus posing a security risk.