Описание
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154.
Отчет
This vulnerability is rated as low severity because it results in a denial of service, while a remote attacker can crash the application using a crafted file, it does not affect system security or integrity.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | netpbm | Will not fix | ||
| Red Hat Enterprise Linux 6 | jasper | Affected | ||
| Red Hat Enterprise Linux 7 | jasper | Affected | ||
| Red Hat Enterprise Linux 8 | jasper | Affected | ||
| Red Hat Enterprise Linux 9 | jasper | Not affected | ||
| Red Hat Enterprise Virtualization 3 | mingw-virt-viewer | Will not fix |
Показывать по
Дополнительная информация
Статус:
4.3 Medium
CVSS3
Связанные уязвимости
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154.
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154.
There is a reachable assertion abort in the function jpc_dec_process_s ...
There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154.
4.3 Medium
CVSS3