Описание
Race condition in the jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 allows local users to cause a denial of service (program exit) by creating the appropriate tmp.XXXXXXXXXX temporary file, which causes Jasper to exit. NOTE: this was originally reported as a symlink issue, but this was incorrect. NOTE: some vendors dispute the severity of this issue, but it satisfies CVE's requirements for inclusion.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | uses system jasper |
| hardy | not-affected | |
| lucid | not-affected | |
| maverick | not-affected | |
| natty | not-affected | uses system jasper |
| oneiric | not-affected | uses system jasper |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.701.0-2ubuntu0.6.06.1 |
| devel | not-affected | |
| feisty | ignored | end of life, was needed |
| gutsy | released | 1.900.1-3ubuntu0.7.10.1 |
| hardy | released | 1.900.1-3ubuntu0.8.04.1 |
| intrepid | released | 1.900.1-5ubuntu0.1 |
| lucid | not-affected | |
| maverick | not-affected | |
| natty | not-affected | |
| oneiric | not-affected |
Показывать по
EPSS
7.2 High
CVSS2
Связанные уязвимости
Race condition in the jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 allows local users to cause a denial of service (program exit) by creating the appropriate tmp.XXXXXXXXXX temporary file, which causes Jasper to exit. NOTE: this was originally reported as a symlink issue, but this was incorrect. NOTE: some vendors dispute the severity of this issue, but it satisfies CVE's requirements for inclusion.
Race condition in the jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 allows local users to cause a denial of service (program exit) by creating the appropriate tmp.XXXXXXXXXX temporary file, which causes Jasper to exit. NOTE: this was originally reported as a symlink issue, but this was incorrect. NOTE: some vendors dispute the severity of this issue, but it satisfies CVE's requirements for inclusion.
Race condition in the jas_stream_tmpfile function in libjasper/base/ja ...
Race condition in the jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 allows local users to cause a denial of service (program exit) by creating the appropriate tmp.XXXXXXXXXX temporary file, which causes Jasper to exit. NOTE: this was originally reported as a symlink issue, but this was incorrect. NOTE: some vendors dispute the severity of this issue, but it satisfies CVE's requirements for inclusion.
EPSS
7.2 High
CVSS2