Описание
Integer overflow in the jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an assertion failure.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | netpbm | Will not fix | ||
| Red Hat Enterprise Virtualization 3 | mingw-virt-viewer | Will not fix | ||
| Red Hat Enterprise Linux 6 | jasper | Fixed | RHSA-2017:1208 | 09.05.2017 |
| Red Hat Enterprise Linux 7 | jasper | Fixed | RHSA-2017:1208 | 09.05.2017 |
Показывать по
Дополнительная информация
Статус:
EPSS
2.5 Low
CVSS3
2.6 Low
CVSS2
Связанные уязвимости
Integer overflow in the jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an assertion failure.
Integer overflow in the jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an assertion failure.
Integer overflow in the jpc_dec_process_siz function in libjasper/jpc/ ...
Integer overflow in the jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an assertion failure.
EPSS
2.5 Low
CVSS3
2.6 Low
CVSS2