22 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-8654
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are...
Debian: Security Advisory (DLA-739-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2017-0474)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2017:0084-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-8654
A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected...
CVE-2016-8654
CVE-2016-8654 is a JasPer/JPC-codec vulnerability where a heap-buffer overflow occurs due to an undersized QMFB buffer. It affects Jasper versions before 2.0.0. Remediation is to upgrade Jasper to a fixed version (≥2.0.0); various advisories (CentOS CESA-2017:1208, IBM PowerKVM bulletin, Cloud Fo...
EulerOS 2.0 SP2 : jasper (EulerOS-SA-2017-1095)
According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to...
EulerOS 2.0 SP1 : jasper (EulerOS-SA-2017-1094)
According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to...
Amazon Linux AMI : jasper (ALAS-2017-836)
Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. CVE-2016-8654 , CVE-2016-9560 , CVE-2016-10249 , CVE-2015-5203 , CVE-2015-5221 , CVE-2016-1577 , CVE-2016-8690...
Important: jasper
Issue Overview: Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. CVE-2016-8654, CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577,...
Scientific Linux Security Update : jasper on SL6.x, SL7.x i386/x86_64 (20170509)
Security Fixes : Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. CVE-2016-8654, CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577,...
OracleVM 3.3 / 3.4 : jasper (OVMSA-2017-0102)
The remote OracleVM system is missing necessary patches to address critical security updates : - Bump release - Multiple security fixes fixed by thoger: CVE-2015-5203 CVE-2015-5221 CVE-2016-1577 CVE-2016-1867 CVE-2016-2089 CVE-2016-2116 CVE-2016-8654 CVE-2016-8690 CVE-2016-8691 CVE-2016-8692...
SUSE-SU-2017:0946-1 Security update for jasper
This update for jasper fixes the following issues: Security issues fixed: - CVE-2016-8654: Heap-based buffer overflow in QMFB code in JPC codec bsc1012530 - CVE-2016-9395: Missing sanity checks on the data in a SIZ marker segment bsc1010977. - CVE-2016-9398: jpcmath.c:94: int jpcfloorlog2int:...
Fedora 24 : jasper (2017-c1bec8972c)
Security fix for CVE-2016-8654 Security fix for CVE-2016-9262 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 25 : jasper (2017-3dba8a70ce)
Security fix for CVE-2016-8654 Security fix for CVE-2016-9262 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Debian DSA-3785-1 : jasper - security update
Multiple vulnerabilities have been discovered in the JasPer library for processing JPEG-2000 images, which may result in denial of service or the execution of arbitrary code if a malformed image is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...
[SECURITY] [DSA 3785-1] jasper security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3785-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 09, 2017 https://www.debian.org/security/faq -...
openSUSE: Security Advisory for jasper (openSUSE-SU-2017:0101-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : jasper (openSUSE-2017-70)
This update for jasper fixes the following issues : - CVE-2016-8654: Heap-based buffer overflow in QMFB code in JPC codec. bsc1012530 - CVE-2016-9395: Invalid jasper files could lead to abort of the library caused by attacker provided image. bsc1010977 - CVE-2016-9398: Invalid jasper files could...
Debian DLA-739-1 : jasper security updat
CVE-2016-8691 FPE on unknown address ... jpcdecprocesssiz ... jpcdec.c CVE-2016-8692 FPE on unknown address ... jpcdecprocesssiz ... jpcdec.c CVE-2016-8693 attempting double-free ... memclose ... jasstream.c CVE-2016-8882 segfault / NULL pointer access in jpcpidestroy CVE-2016-9560 stack-based...