Linux Distros Unpatched Vulnerability : CVE-2016-1577

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Double free vulnerability in the jasiccattrvaldestroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service crash or...

RHEL 7 : jasper (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jasper: heap-based buffer over-read of size 8 in jasimagedepalettize in libjasper/base/jasimage.c...

SUSE: Security Advisory (SUSE-SU-2016:2775-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : jasper (EulerOS-SA-2017-1095)

According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to...

EulerOS 2.0 SP1 : jasper (EulerOS-SA-2017-1094)

According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to...

Amazon Linux AMI : jasper (ALAS-2017-836)

Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. CVE-2016-8654 , CVE-2016-9560 , CVE-2016-10249 , CVE-2015-5203 , CVE-2015-5221 , CVE-2016-1577 , CVE-2016-8690...

Scientific Linux Security Update : jasper on SL6.x, SL7.x i386/x86_64 (20170509)

Security Fixes : Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. CVE-2016-8654, CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577,...

OracleVM 3.3 / 3.4 : jasper (OVMSA-2017-0102)

The remote OracleVM system is missing necessary patches to address critical security updates : - Bump release - Multiple security fixes fixed by thoger: CVE-2015-5203 CVE-2015-5221 CVE-2016-1577 CVE-2016-1867 CVE-2016-2089 CVE-2016-2116 CVE-2016-8654 CVE-2016-8690 CVE-2016-8691 CVE-2016-8692...

Fedora Update for jasper FEDORA-2016-9b17661de5

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 25 : jasper (2016-9b17661de5)

Security fix for CVE-2015-5203, CVE-2015-5221, CVE-2016-1867, CVE-2016-1577 and CVE-2016-2116. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

openSUSE Security Update : jasper (openSUSE-2016-1270)

This update for jasper to version 1.900.14 fixes several issues. These security issues were fixed : - CVE-2008-3522: Buffer overflow in the jasstreamprintf function in libjasper/base/jasstream.c in JasPer might have allowed context-dependent attackers to have an unknown impact via vectors related...

Fedora 23 : jasper (2016-bbecf64af4)

Fix broken ABI ---- Security fix for CVE-2015-5203, CVE-2015-5221, CVE-2016-1867, CVE-2016-1577 and CVE-2016-2116. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and form...

Fedora Update for jasper FEDORA-2016-bbecf64af4

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 24 : jasper (2016-7776983633)

Security fix for CVE-2015-5203, CVE-2015-5221, CVE-2016-1867, CVE-2016-1577 and CVE-2016-2116. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as...

jasper: multiple issues

CVE-2016-1577 arbitrary code execution Double free vulnerability in the jasiccattrvaldestroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file. -...

CVE-2016-1577

Double free vulnerability in the jasiccattrvaldestroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137...

CVE-2016-1577

Double free vulnerability in the jasiccattrvaldestroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137...

USN-2919-1 JasPer vulnerabilities | Cloud Foundry

USN-2919-1 JasPer vulnerabilities Medium Vendor Ubuntu, JasPer Versions Affected Ubuntu 14.04 LTS Description Jacob Baines discovered that JasPer incorrectly handled ICC color profiles in JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote...

Mageia: Security Advisory (MGASA-2016-0100)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-2919-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...