CVE-2016-8882

Опубликовано: 13 янв. 2017

Источник: debian

EPSS Низкий

Описание

The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
jasper	removed			package

Примечания

https://github.com/mdadams/jasper/issues/30
https://github.com/mdadams/jasper/commit/69a1439a5381e42b06ec6a06ed2675eb793babee (version-1.900.8)
Not suitable for code injection, hardly denial of service

EPSS

Процентиль: 46%

0.00236

Низкий

Связанные уязвимости

CVE-2016-8882

CVSS3: 5.5

ubuntu

около 9 лет назад

The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.

CVE-2016-8882

CVSS3: 7

redhat

больше 9 лет назад

The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.

CVE-2016-8882

CVSS3: 5.5

nvd

около 9 лет назад

The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.

GHSA-4mjr-hjjc-26r8

CVSS3: 5.5

github

больше 3 лет назад

The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.

SUSE-SU-2016:2776-1

suse-cvrf

около 9 лет назад

Security update for jasper

EPSS

Процентиль: 46%

0.00236

Низкий