Описание
Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | uses system jasper |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [uses system jasper]] |
| lucid | released | 8.71.dfsg.1-0ubuntu5.7 |
| precise | not-affected | uses system jasper |
| trusty | not-affected | uses system jasper |
| trusty/esm | DNE | trusty was not-affected [uses system jasper] |
| upstream | needs-triage | |
| utopic | not-affected | uses system jasper |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 1.900.1-debian1-2.3ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [1.900.1-14ubuntu3.2]] |
| lucid | ignored | end of life |
| precise | released | 1.900.1-13ubuntu0.2 |
| trusty | released | 1.900.1-14ubuntu3.2 |
| trusty/esm | DNE | trusty was released [1.900.1-14ubuntu3.2] |
| upstream | needs-triage | |
| utopic | released | 1.900.1-debian1-2ubuntu0.2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | code not present |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [code not present]] |
| lucid | not-affected | code not present |
| precise | not-affected | code not present |
| trusty | not-affected | code not present |
| trusty/esm | DNE | trusty was not-affected [code not present] |
| upstream | needs-triage | |
| utopic | not-affected | code not present |
Показывать по
EPSS
7.5 High
CVSS2
Связанные уязвимости
Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.
Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.
Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 ...
Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.
EPSS
7.5 High
CVSS2