RHEL 7 : jasper (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jasper: heap-based buffer over-read of size 8 in jasimagedepalettize in libjasper/base/jasimage.c...

Debian: Security Advisory (DLA-739-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2017-0474)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:2775-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : jasper (EulerOS-SA-2017-1095)

According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to...

EulerOS 2.0 SP1 : jasper (EulerOS-SA-2017-1094)

According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to...

Amazon Linux AMI : jasper (ALAS-2017-836)

Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. CVE-2016-8654 , CVE-2016-9560 , CVE-2016-10249 , CVE-2015-5203 , CVE-2015-5221 , CVE-2016-1577 , CVE-2016-8690...

OracleVM 3.3 / 3.4 : jasper (OVMSA-2017-0102)

The remote OracleVM system is missing necessary patches to address critical security updates : - Bump release - Multiple security fixes fixed by thoger: CVE-2015-5203 CVE-2015-5221 CVE-2016-1577 CVE-2016-1867 CVE-2016-2089 CVE-2016-2116 CVE-2016-8654 CVE-2016-8690 CVE-2016-8691 CVE-2016-8692...

Scientific Linux Security Update : jasper on SL6.x, SL7.x i386/x86_64 (20170509)

Security Fixes : Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. CVE-2016-8654, CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577,...

CVE-2016-8692

CVE-2016-8692 - JasPer before 1.900.4 is vulnerable to a denial of service via a crafted BMP image. The issue is a divide-by-zero error in jpc_dec_process_siz exploited when a malicious YRsiz value is processed by the imginfo command, leading to application crash. Affected component: JasPer JPEG ...

CVE-2016-8692

The jpcdecprocesssiz function in libjasper/jpc/jpcdec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted YRsiz value in a BMP image to the imginfo command...

Debian DSA-3785-1 : jasper - security update

Multiple vulnerabilities have been discovered in the JasPer library for processing JPEG-2000 images, which may result in denial of service or the execution of arbitrary code if a malformed image is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

[SECURITY] [DSA 3785-1] jasper security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3785-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 09, 2017 https://www.debian.org/security/faq -...

Debian DLA-739-1 : jasper security updat

CVE-2016-8691 FPE on unknown address ... jpcdecprocesssiz ... jpcdec.c CVE-2016-8692 FPE on unknown address ... jpcdecprocesssiz ... jpcdec.c CVE-2016-8693 attempting double-free ... memclose ... jasstream.c CVE-2016-8882 segfault / NULL pointer access in jpcpidestroy CVE-2016-9560 stack-based...

[SECURITY] [DLA 739-1] jasper security updat

Package : jasper Version : 1.900.1-13+deb7u5 CVE ID : CVE-2016-8654 CVE-2016-8691 CVE-2016-8692 CVE-2016-8693 CVE-2016-8882 CVE-2016-8883 CVE-2016-8887 CVE-2016-9560 TEMP-CVE CVE-2016-8691 FPE on unknown address ... jpcdecprocesssiz ... jpcdec.c CVE-2016-8692 FPE on unknown address...

Fedora Update for jasper FEDORA-2016-81f9c6f0ae

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for jasper FEDORA-2016-6c789ba91d

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for jasper FEDORA-2016-e0f0d48142

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED12 / SLES12 Security Update : jasper (SUSE-SU-2016:2775-1)

This update for jasper to version 1.900.14 fixes several issues. These security issues were fixed : - CVE-2016-8887: NULL pointer dereference in jp2colrdestroy jp2cod.c bsc1006836 - CVE-2016-8886: memory allocation failure in jasmalloc jasmalloc.c bsc1006599 - CVE-2016-8884,CVE-2016-8885: two NUL...

Fedora 23 : jasper (2016-6c789ba91d)

The remote Fedora 23 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2016-6c789ba91d advisory. This update contains security fix for CVE-2016-8883, CVE-2016-8882, CVE-2016-8881, CVE-2016-8880, CVE-2016-8884, CVE-2016-8885, CVE-2016-8887,...