CVE-2016-9393

Опубликовано: 23 мар. 2017

Источник: debian

EPSS Низкий

Описание

The jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
jasper	removed			package

Примечания

Fix: https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330
Testcase: https://github.com/asarubbo/poc/blob/master/00013-jasper-assert-jpc_pi_nextrpcl
Negligible security impact

EPSS

Процентиль: 64%

0.00475

Низкий

Связанные уязвимости

CVE-2016-9393

CVSS3: 5.5

ubuntu

больше 8 лет назад

The jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

CVE-2016-9393

CVSS3: 5.5

redhat

около 9 лет назад

The jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

CVE-2016-9393

CVSS3: 5.5

nvd

больше 8 лет назад

The jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

GHSA-6jhf-6jfc-fjgh

CVSS3: 5.5

github

больше 3 лет назад

The jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

openSUSE-SU-2017:1960-1

suse-cvrf

больше 8 лет назад

Security update for jasper

EPSS

Процентиль: 64%

0.00475

Низкий