20 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-10251
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the jpcpinextcprl function in jpct2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file,...
RHEL 7 : jasper (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jasper: heap-based buffer over-read of size 8 in jasimagedepalettize in libjasper/base/jasimage.c...
Mageia: Security Advisory (MGASA-2017-0474)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:0953-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Database Server Multiple Vulnerabilities (Apr 2020 CPU)
The remote Oracle Database Server is missing the April 2020 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities: - Vulnerability in the Oracle Multimedia component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Easily exploitable...
Debian: Security Advisory (DLA-920-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP1 : jasper (EulerOS-SA-2017-1094)
According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to...
EulerOS 2.0 SP2 : jasper (EulerOS-SA-2017-1095)
According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to...
Amazon Linux AMI : jasper (ALAS-2017-836)
Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. CVE-2016-8654 , CVE-2016-9560 , CVE-2016-10249 , CVE-2015-5203 , CVE-2015-5221 , CVE-2016-1577 , CVE-2016-8690...
Fedora 24 : jasper (2017-da0b00fd64)
Security fix for CVE-2016-9387, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391, CVE-2016-9392, CVE-2016-9393, CVE-2016-9394, CVE-2016-9560, CVE-2016-9591, CVE-2016-9600, CVE-2016-10251 Note that Tenable Network Security has extracted the preceding description block directly from the...
Fedora Update for jasper FEDORA-2017-cfc20d5d45
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 25 : jasper (2017-cfc20d5d45)
Security fix for CVE-2016-9387, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391, CVE-2016-9392, CVE-2016-9393, CVE-2016-9394, CVE-2016-9560, CVE-2016-9591, CVE-2016-9600, CVE-2016-10251 Note that Tenable Network Security has extracted the preceding description block directly from the...
Scientific Linux Security Update : jasper on SL6.x, SL7.x i386/x86_64 (20170509)
Security Fixes : Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. CVE-2016-8654, CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577,...
SUSE SLED12 / SLES12 Security Update : jasper (SUSE-SU-2017:0953-1)
This update for jasper fixes the following issues: Security issues fixed : - CVE-2016-9600: NULL pointer Dereference due to missing check for UNKNOWN color space in JP2 encoder bsc1018088 - CVE-2016-10251: Use of uninitialized value in jpcpinextcprl jpct2cod.c bsc1029497 - CVE-2017-5498: left-shi...
SUSE-SU-2017:0946-1 Security update for jasper
This update for jasper fixes the following issues: Security issues fixed: - CVE-2016-8654: Heap-based buffer overflow in QMFB code in JPC codec bsc1012530 - CVE-2016-9395: Missing sanity checks on the data in a SIZ marker segment bsc1010977. - CVE-2016-9398: jpcmath.c:94: int jpcfloorlog2int:...
CVE-2016-10251
Integer overflow in the jpcpinextcprl function in jpct2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value...
CVE-2016-10251
Integer overflow in the jpcpinextcprl function in jpct2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value...
CVE-2016-10251
CVE-2016-10251 : JasPer 1.900.x before 1.900.20 contains an integer overflow in jpc_pi_nextcprl (jpc_t2cod.c). Crafting a JPEG 2000 file can trigger use of an uninitialized value, with unspecified impact. Affected software versions: JasPer up to but not including 1.900.20. Remediation: upgrade to...
CVE-2016-10251
Integer overflow in the jpcpinextcprl function in jpct2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value...
UBUNTU-CVE-2016-10251
Integer overflow in the jpcpinextcprl function in jpct2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value...