CVE-2016-8691

Опубликовано: 15 фев. 2017

Источник: ubuntu

Приоритет: negligible

CVSS2: 4.3

CVSS3: 5.5

Описание

The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command.

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was released [1.900.1-14ubuntu3.4]]
esm-infra/xenial	released	1.900.1-debian1-2.4ubuntu1.1
precise	ignored	end of life
precise/esm	DNE	precise was needed
trusty	released	1.900.1-14ubuntu3.4
trusty/esm	DNE	trusty was released [1.900.1-14ubuntu3.4]
upstream	needs-triage
vivid/stable-phone-overlay	ignored	end of life
vivid/ubuntu-core	DNE

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2016-8691

CVSS3: 5.5

redhat

около 9 лет назад

CVE-2016-8691

CVSS3: 5.5

nvd

больше 8 лет назад

CVE-2016-8691

CVSS3: 5.5

debian

больше 8 лет назад

The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer ...

GHSA-jrgp-6q23-4hg8

CVSS3: 5.5

github

больше 3 лет назад

SUSE-SU-2016:2776-1

suse-cvrf

около 9 лет назад

Security update for jasper

4.3 Medium

CVSS2

5.5 Medium

CVSS3

CVE-2016-8691

Описание

Пакет jasper

Ссылки на источники

Связанные уязвимости