Lucene search
K

30 matches found

OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.12 views

Debian: Security Advisory (DLA-101-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.18404EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:25 a.m.2 views

SUSE CVE-2014-9029

Multiple off-by-one errors in the 1 jpcdeccpsetfromcox and 2 jpcdeccpsetfromrgn functions in jpc/jpcdec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow...

7.5CVSS8.2AI score0.18404EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.13 views

Mageia: Security Advisory (MGASA-2014-0514)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.18404EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.12 views

SUSE: Security Advisory (SUSE-SU-2015:0207-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.18404EPSS
Exploits0References2
Veracode
Veracode
added 2019/05/02 5:6 a.m.30 views

Heap-Based Buffer Overflow

JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly,...

7.5CVSS6.9AI score0.18501EPSS
Exploits0References21Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/05/11 12:0 a.m.47 views

OracleVM 3.3 / 3.4 : jasper (OVMSA-2017-0102)

The remote OracleVM system is missing necessary patches to address critical security updates : - Bump release - Multiple security fixes fixed by thoger: CVE-2015-5203 CVE-2015-5221 CVE-2016-1577 CVE-2016-1867 CVE-2016-2089 CVE-2016-2116 CVE-2016-8654 CVE-2016-8690 CVE-2016-8691 CVE-2016-8692...

7.8CVSS6.8AI score0.18501EPSS
Exploits11References37
Slackware Linux
Slackware Linux
added 2015/10/29 10:48 p.m.40 views

[slackware-security] jasper

New jasper packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/jasper-1.900.1-i486-4slack14.1.txz: Rebuilt. Applied many security and bug fixes. Thanks to Heinz Wiesinger...

10CVSS6.8AI score0.18501EPSS
Exploits1
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.29 views

Oracle: Security Advisory (ELSA-2014-2021)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.3AI score0.18501EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/09/29 12:0 a.m.25 views

Gentoo Security Advisory GLSA 201503-01

Gentoo Linux Local Security Checks GLSA 201503-01 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

7.5CVSS6.7AI score0.18501EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.34 views

Mandriva Linux Security Advisory : jasper (MDVSA-2015:159)

Updated jasper packages fix security vulnerabilities : Josh Duart of the Google Security Team discovered heap-based buffer overflow flaws in JasPer, which could lead to denial of service application crash or the execution of arbitrary code CVE-2014-9029. A double free flaw was found in the way...

7.5CVSS7.8AI score0.18501EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2015/02/10 12:0 a.m.28 views

Fedora Update for jasper FEDORA-2015-1159

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.4AI score0.18501EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/01/27 12:0 a.m.37 views

OracleVM 3.3 : jasper (OVMSA-2015-0006)

The remote OracleVM system is missing necessary patches to address critical security updates : - CVE-2014-8157 - dec-numtiles off-by-one check in jpcdecprocesssot 1183671 - CVE-2014-8158 - unrestricted stack memory use in jpcqmfb.c 1183679 - CVE-2014-8137 - double-free in in jasiccattrvaldestroy...

7.5CVSS7.1AI score0.18501EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2015/01/09 12:0 a.m.34 views

Amazon Linux AMI : jasper (ALAS-2015-466)

Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. CVE-2014-9029 A heap-based buffer overflow flaw was found ...

7.5CVSS7.5AI score0.18501EPSS
Exploits0References4
Amazon
Amazon
added 2015/01/08 12:0 a.m.44 views

Important: jasper

Issue Overview: Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. CVE-2014-9029 A heap-based buffer overflow...

7.5CVSS8.1AI score0.18501EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/01/06 12:0 a.m.29 views

Fedora 21 : jasper-1.900.1-29.fc21 (2014-16292)

Fixes various flaws: CVE-2014-9029, CVE-2014-8138, CVE-2014-8137 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing addition...

7.5CVSS7AI score0.18501EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2014/12/19 12:0 a.m.32 views

Oracle Linux 6 / 7 : jasper (ELSA-2014-2021)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-2021 advisory. - CVE-2014-8137 - double-free in in jasiccattrvaldestroy 1173566 - CVE-2014-8138 - heap overflow in jp2decode 1173566 - CVE-2014-9029 - incorrect...

7.5CVSS7.2AI score0.18501EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/12/19 12:0 a.m.34 views

RHEL 6 / 7 : jasper (RHSA-2014:2021)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:2021 advisory. JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Multiple off-by-one flaws, leading to heap-based buff...

7.5CVSS7.7AI score0.18501EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2014/12/19 12:0 a.m.40 views

Scientific Linux Security Update : jasper on SL6.x, SL7.x i386/x86_64 (20141218)

Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. CVE-2014-9029 A heap-based buffer overflow flaw was found ...

7.5CVSS7.5AI score0.18501EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2014/12/18 12:0 a.m.45 views

jasper security update

1.900.1-16.2 - CVE-2014-8137 - double-free in in jasiccattrvaldestroy 1173566 - CVE-2014-8138 - heap overflow in jp2decode 1173566 1.900.1-16.1 - CVE-2014-9029 - incorrect component number check in COC, RGN and QCC marker segment decoders 1171208 1.900.1-16 - CERT VU887409: heap buffer overflow...

7.5CVSS4.4AI score0.18501EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/12/17 12:0 a.m.30 views

Fedora 19 : mingw-jasper-1.900.1-24.fc19 (2014-17032)

Add patches for all current CVEs. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 ...

7.5CVSS7AI score0.18404EPSS
Exploits0References6
Rows per page
Query Builder