Описание
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | uses system jasper |
| hardy | released | 8.61.dfsg.1-1ubuntu3.4 |
| lucid | released | 8.71.dfsg.1-0ubuntu5.4 |
| maverick | released | 8.71.dfsg.2-0ubuntu7.1 |
| natty | not-affected | uses system jasper |
| oneiric | not-affected | uses system jasper |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.900.1-12ubuntu1 |
| hardy | ignored | end of life |
| lucid | released | 1.900.1-7ubuntu0.10.04.1 |
| maverick | released | 1.900.1-7ubuntu0.10.10.1 |
| natty | released | 1.900.1-7ubuntu2.11.04.1 |
| oneiric | released | 1.900.1-7ubuntu2.11.10.1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | code not present |
| hardy | not-affected | code not present |
| lucid | not-affected | code not present |
| maverick | not-affected | code not present |
| natty | not-affected | code not present |
| oneiric | not-affected | code not present |
| upstream | needs-triage |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file.
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file.
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.90 ...
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file.
EPSS
6.8 Medium
CVSS2