SUSE CVE-2016-8690

The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted BMP image in an imginfo command...

SUSE CVE-2016-8691

The jpcdecprocesssiz function in libjasper/jpc/jpcdec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted XRsiz value in a BMP image to the imginfo command...

Denial Of Service (DoS) Through Divide By Zero

JasPer is vulnerable to denial of service attacks. A remote attacker could cause an application crash via a crafted XRsiz value in a BMP image to the imginfo command. Affected is the function jpcdecprocesssiz of the file libjasper/jpc/jpcdec.c of the component imginfo...

NULL Pointer Dereference

JasPer is vulnerable to NULL pointer dereference. A remote attacker could cause denial of service via a crafted BMP image in an imginfo command. This issue affects the function bmpgetdata of the file libjasper/bmp/bmpdec.c of the component imginfo...

jasper: missing jas_matrix_create() parameter checks

The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted BMP image in an imginfo command...

Null pointer dereference

The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service NULL pointer dereference by calling the imginfo command with a crafted BMP image...

CVE-2016-8885

The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service NULL pointer dereference by calling the imginfo command with a crafted BMP image...

CVE-2016-8885

The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service NULL pointer dereference by calling the imginfo command with a crafted BMP image...

CVE-2016-8885

CVE-2016-8885 affects the JasPer JPEG-2000 library. The NULL pointer dereference in bmp_getdata (libjasper/bmp/bmp_dec.c) can be triggered by a crafted BMP image via the imginfo command, leading to a denial of service. The description in the initial and linked advisories indicates this family of ...

Command injection

The jpcdecprocesssiz function in libjasper/jpc/jpcdec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted XRsiz value in a BMP image to the imginfo command...

UBUNTU-CVE-2016-8690

The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted BMP image in an imginfo command...

Command injection

The jpcdecprocesssiz function in libjasper/jpc/jpcdec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted YRsiz value in a BMP image to the imginfo command...

CVE-2016-8690

The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted BMP image in an imginfo command...

Null pointer dereference

The bmpgetdata function in libjasper/bmp/bmpdec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service NULL pointer dereference via a crafted BMP image in an imginfo command...

Double free

Double free vulnerability in the memclose function in jasstream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted BMP image to the imginfo command...

CVE-2016-8691

CVE-2016-8691 affects the JasPer JPEG-2000 library. The issue is a divide-by-zero in jpc_dec_process_siz triggered by a crafted BMP image (XRsiz value) used with the imginfo command, leading to denial of service (application crash). Public advisories confirm JasPer upstream fixes and distro updat...

CVE-2016-8692

The jpcdecprocesssiz function in libjasper/jpc/jpcdec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted YRsiz value in a BMP image to the imginfo command...

UBUNTU-CVE-2016-8693

Double free vulnerability in the memclose function in jasstream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted BMP image to the imginfo command...

UBUNTU-CVE-2016-8692

The jpcdecprocesssiz function in libjasper/jpc/jpcdec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted YRsiz value in a BMP image to the imginfo command...

CVE-2016-8693

Double free vulnerability in the memclose function in jasstream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted BMP image to the imginfo command...