Описание
JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec.c.
A vulnerability was found in Jasper, where a heap-based buffer over-read in the jp2_decode function in libjasper/jp2/jp2_dec.c can lead to a denial of service, where a remote attacker could exploit this flaw by persuading a victim to open a specially crafted file, causing the application to crash.
Отчет
This vulnerability is rated as low severity because it causes a denial of service through a heap-based buffer over-read. While it can crash the application, it does not pose a significant risk to system security or integrity.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | netpbm | Not affected | ||
| Red Hat Enterprise Linux 6 | jasper | Will not fix | ||
| Red Hat Enterprise Linux 7 | jasper | Will not fix | ||
| Red Hat Enterprise Linux 8 | jasper | Will not fix | ||
| Red Hat Enterprise Virtualization 3 | mingw-virt-viewer | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec.c.
JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec.c.
JasPer 2.0.12 allows remote attackers to cause a denial of service (he ...
JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec.c.
EPSS
4.3 Medium
CVSS3