Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2016-9394

Опубликовано: 23 мар. 2017
Источник: debian
EPSS Низкий

Описание

The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
jasperremovedpackage

Примечания

  • Fix: https://github.com/mdadams/jasper/commit/f7038068550fba0e41e1d0c355787f1dcd5bf330

  • Testcase: https://github.com/asarubbo/poc/blob/master/00016-jasper-assert-jas_matrix_t

  • Negligible security impact

EPSS

Процентиль: 63%
0.00461
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2016-9394

CVSS3: 5.5
ubuntu
больше 8 лет назад

The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

redhat логотип

CVE-2016-9394

CVSS3: 5.5
redhat
около 9 лет назад

The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

nvd логотип

CVE-2016-9394

CVSS3: 5.5
nvd
больше 8 лет назад

The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

github логотип

GHSA-p7j7-fgpw-pm2x

CVSS3: 5.5
github
больше 3 лет назад

The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

suse-cvrf логотип

openSUSE-SU-2017:1960-1

suse-cvrf
больше 8 лет назад

Security update for jasper

EPSS

Процентиль: 63%
0.00461
Низкий