Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-10251

Опубликовано: 15 мар. 2017
Источник: debian
EPSS Низкий

Описание

Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
jasperremovedpackage

Примечания

  • https://www.openwall.com/lists/oss-security/2016/11/04/11

  • https://github.com/mdadams/jasper/commit/1f0dfe5a42911b6880a1445f13f6d615ddb55387

  • https://github.com/asarubbo/poc/blob/master/00029-jasper-uninitvalue-jpc_pi_nextcprl

EPSS

Процентиль: 74%
0.00815
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2016-10251

CVSS3: 7.8
ubuntu
больше 8 лет назад

Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value.

redhat логотип

CVE-2016-10251

CVSS3: 5.5
redhat
около 9 лет назад

Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value.

nvd логотип

CVE-2016-10251

CVSS3: 7.8
nvd
больше 8 лет назад

Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value.

github логотип

GHSA-4c9x-hwrm-39j5

CVSS3: 7.8
github
больше 3 лет назад

Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value.

suse-cvrf логотип

openSUSE-SU-2017:1034-1

suse-cvrf
больше 8 лет назад

Security update for jasper

EPSS

Процентиль: 74%
0.00815
Низкий