CVE-2016-9395

Опубликовано: 23 мар. 2017

Источник: debian

Описание

The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
jasper	removed			package

Примечания

Fix: https://github.com/mdadams/jasper/commit/d42b2388f7f8e0332c846675133acea151fc557a
Testcase: https://github.com/asarubbo/poc/blob/master/00043-jasper-assert-jas_matrix_t
Negligible security impact

Связанные уязвимости

CVE-2016-9395

CVSS3: 5.5

ubuntu

почти 9 лет назад

The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

CVE-2016-9395

CVSS3: 5.5

redhat

около 9 лет назад

The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

CVE-2016-9395

CVSS3: 5.5

nvd

почти 9 лет назад

The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

GHSA-2rfg-9hpp-f2vv

CVSS3: 5.5

github

больше 3 лет назад

The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

openSUSE-SU-2017:0101-1

suse-cvrf

около 9 лет назад

Security update for jasper