CVE-2016-9583

Опубликовано: 01 авг. 2018

Источник: debian

EPSS Низкий

Описание

An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input.

Пакет	Статус	Версия исправления	Релиз	Тип
jasper	removed			package

https://github.com/mdadams/jasper/issues/103
Fixed by https://github.com/mdadams/jasper/commit/99a50593254d1b53002719bbecfc946c84b23d27
The issue exists due to an overflow check which is not present
in Wheezy and Jessie. However it makes sense to implement this check.
This can be done when more important issues are found [wheezy].
Not suitable for code injection, hardly denial of service

EPSS

Процентиль: 54%

0.00318

Низкий

CVE-2016-9583

CVSS3: 5.5

ubuntu

больше 7 лет назад

An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input.

CVE-2016-9583

CVSS3: 5.5

redhat

почти 9 лет назад

An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input.

CVE-2016-9583

CVSS3: 5.5

nvd

больше 7 лет назад

An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input.

GHSA-3f3w-h3vg-6wx9

CVSS3: 7.8

github

больше 3 лет назад

An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input.

openSUSE-SU-2017:1034-1

suse-cvrf

больше 8 лет назад

Security update for jasper

EPSS

Процентиль: 54%

0.00318

Низкий