Lucene search

K
cvelistMitreCVELIST:CVE-2016-8884
HistoryMar 28, 2017 - 2:00 p.m.

CVE-2016-8884

2017-03-2814:00:00
mitre
www.cve.org

6.3 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.2%

The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690.