Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-9390

Опубликовано: 23 мар. 2017
Источник: debian
EPSS Низкий

Описание

The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
jasperremovedpackage

Примечания

  • Fix: https://github.com/mdadams/jasper/commit/ba2b9d000660313af7b692542afbd374c5685865

  • Testcase: https://github.com/asarubbo/poc/blob/master/00007-jasper-assert-jas_matrix_t

  • Negligible security impact

EPSS

Процентиль: 63%
0.00461
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2016-9390

CVSS3: 5.5
ubuntu
больше 8 лет назад

The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file.

redhat логотип

CVE-2016-9390

CVSS3: 5.5
redhat
около 9 лет назад

The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file.

nvd логотип

CVE-2016-9390

CVSS3: 5.5
nvd
больше 8 лет назад

The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file.

github логотип

GHSA-cr6p-r85c-36p2

CVSS3: 5.5
github
больше 3 лет назад

The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file.

suse-cvrf логотип

openSUSE-SU-2017:1960-1

suse-cvrf
больше 8 лет назад

Security update for jasper

EPSS

Процентиль: 63%
0.00461
Низкий