Linux Distros Unpatched Vulnerability : CVE-2016-8690

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service NULL pointer dereference via a...

RHEL 7 : jasper (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jasper: heap-based buffer over-read of size 8 in jasimagedepalettize in libjasper/base/jasimage.c...

Mageia: Security Advisory (MGASA-2017-0474)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2775-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-1583-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NULL Pointer Dereference

libjasper.so is vulnerable to denial of service. A NULL pointer dereference in the bmpgetdata function in libjasper/bmp/bmpdec.c allows remote attackers to cause a denial of service condition by calling the imginfo command with a crafted BMP image. This vulnerability exists due to an incomplete f...

EulerOS 2.0 SP1 : jasper (EulerOS-SA-2017-1094)

According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to...

EulerOS 2.0 SP2 : jasper (EulerOS-SA-2017-1095)

According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to...

Amazon Linux AMI : jasper (ALAS-2017-836)

Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. CVE-2016-8654 , CVE-2016-9560 , CVE-2016-10249 , CVE-2015-5203 , CVE-2015-5221 , CVE-2016-1577 , CVE-2016-8690...

Scientific Linux Security Update : jasper on SL6.x, SL7.x i386/x86_64 (20170509)

Security Fixes : Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. CVE-2016-8654, CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577,...

OracleVM 3.3 / 3.4 : jasper (OVMSA-2017-0102)

The remote OracleVM system is missing necessary patches to address critical security updates : - Bump release - Multiple security fixes fixed by thoger: CVE-2015-5203 CVE-2015-5221 CVE-2016-1577 CVE-2016-1867 CVE-2016-2089 CVE-2016-2116 CVE-2016-8654 CVE-2016-8690 CVE-2016-8691 CVE-2016-8692...

jasper: missing jas_matrix_create() parameter checks

The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service NULL pointer dereference by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690...

Null pointer dereference

The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service NULL pointer dereference by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690...

CVE-2016-8884

The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer 1.900.5 allows remote attackers to cause a denial of service NULL pointer dereference by calling the imginfo command with a crafted BMP image. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8690...

CVE-2016-8884

CVE-2016-8884 affects JasPer 1.900.5 (and related builds) with a NULL pointer dereference in bmp_getdata (libjasper/bmp/bmp_dec.c) that can be triggered by imginfo on a crafted BMP image, causing a denial of service. This issue is noted as stemming from an incomplete fix for CVE-2016-8690. Public...

CVE-2016-8690

The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted BMP image in an imginfo command...

CVE-2016-8690

The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted BMP image in an imginfo command...

CVE-2016-8690

CVE-2016-8690 : The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer versions before 1.900.5 is vulnerable to a denial-of-service via a crafted BMP image in an imginfo command, caused by a NULL pointer dereference. Affected software can crash or become unresponsive when processing such i...

Fedora Update for jasper FEDORA-2016-81f9c6f0ae

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for jasper FEDORA-2016-e0f0d48142

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...