CVE-2016-9392

Опубликовано: 23 мар. 2017

Источник: debian

Описание

The calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
jasper	removed			package

Примечания

Fix: https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330
Testcase: https://github.com/asarubbo/poc/blob/master/00012-jasper-assert-calcstepsizes
Negligible security impact

Связанные уязвимости

CVE-2016-9392

CVSS3: 5.5

ubuntu

больше 8 лет назад

The calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

CVE-2016-9392

CVSS3: 5.5

redhat

около 9 лет назад

The calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

CVE-2016-9392

CVSS3: 5.5

nvd

больше 8 лет назад

The calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

GHSA-wvc6-prg5-x35m

CVSS3: 5.5

github

больше 3 лет назад

The calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

openSUSE-SU-2017:1960-1

suse-cvrf

больше 8 лет назад

Security update for jasper