CVE-2017-5505

Опубликовано: 16 мар. 2017

Источник: debian

EPSS Низкий

Описание

The jas_matrix_asl function in jas_seq.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
jasper	removed			package

Примечания

https://blogs.gentoo.org/ago/2017/01/16/jasper-invalid-memory-read-in-jas_matrix_asl-jas_seq-c
https://github.com/mdadams/jasper/issues/88
Not suitable for code injection, hardly denial of service

EPSS

Процентиль: 60%

0.00404

Низкий

Связанные уязвимости

CVE-2017-5505

CVSS3: 5.5

ubuntu

почти 9 лет назад

The jas_matrix_asl function in jas_seq.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image.

CVE-2017-5505

CVSS3: 4.4

redhat

около 9 лет назад

The jas_matrix_asl function in jas_seq.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image.

CVE-2017-5505

CVSS3: 5.5

nvd

почти 9 лет назад

The jas_matrix_asl function in jas_seq.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image.

GHSA-jcmq-p3g6-5394

CVSS3: 5.5

github

больше 3 лет назад

The jas_matrix_asl function in jas_seq.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image.

openSUSE-SU-2020:1523-1

suse-cvrf

больше 5 лет назад

Security update for jasper

EPSS

Процентиль: 60%

0.00404

Низкий