30 matches found
CVE-2016-1577
Double free vulnerability in the jasiccattrvaldestroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137...
CVE-2016-2116
Memory leak in the jasiccprofcreatefrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service memory consumption via a crafted ICC color profile in a JPEG 2000 image file...
CVE-2016-2089
The jasmatrixclip function in jasseq.c in JasPer 1.900.1 allows remote attackers to cause a denial of service invalid read and application crash via a crafted JPEG 2000 image...
CVE-2016-2089
The jasmatrixclip function in jasseq.c in JasPer 1.900.1 allows remote attackers to cause a denial of service invalid read and application crash via a crafted JPEG 2000 image...
CVE-2016-1867
The CVE entry CVE-2016-1867 describes a denial-of-service via an out-of-bounds read in JasPer 1.900.1 when processing crafted JPEG 2000 images. Connected sources show a wider set of JasPer vulnerabilities affecting multiple products across distributions (CVE-2015-5203, -5221, -2016-8654, -2016-86...
CVE-2014-8157
Off-by-one error in the jpcdecprocesssot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow...
CVE-2014-8158
Multiple stack-based buffer overflows in jpcqmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted JPEG 2000 image...
Fedora 21 : jasper-1.900.1-29.fc21 (2014-16292)
Fixes various flaws: CVE-2014-9029, CVE-2014-8138, CVE-2014-8137 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing addition...
UBUNTU-CVE-2014-8137
Double free vulnerability in the jasiccattrvaldestroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file...
Heap overflow
Multiple off-by-one errors in the 1 jpcdeccpsetfromcox and 2 jpcdeccpsetfromrgn functions in jpc/jpcdec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow...
CVE-2014-9029
Multiple off-by-one errors in the 1 jpcdeccpsetfromcox and 2 jpcdeccpsetfromrgn functions in jpc/jpcdec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow...
[SECURITY] Fedora 16 Update: jasper-1.900.1-18.fc16
This package contains an implementation of the image compression standard JPEG-2000, Part 1. It consists of tools for conversion to and from the JP2 and JPC formats...
CVE-2011-4517
The jpccrggetparms function in libjasper/jpc/jpccs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service heap memory corruption, via a crafte...
CVE-2011-4516
Heap-based buffer overflow in the jpccoxgetcompparms function in libjasper/jpc/jpccs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted numrlvls value in a coding style default COD marker segment in a JPEG2000 file...
Heap overflow
The jpccrggetparms function in libjasper/jpc/jpccs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service heap memory corruption, via a crafte...
Heap overflow
Heap-based buffer overflow in the jpccoxgetcompparms function in libjasper/jpc/jpccs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted numrlvls value in a coding style default COD marker segment in a JPEG2000 file...
CVE-2011-4517
The jpccrggetparms function in libjasper/jpc/jpccs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service heap memory corruption, via a crafte...
CVE-2011-4516
Heap-based buffer overflow in the jpccoxgetcompparms function in libjasper/jpc/jpccs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted numrlvls value in a coding style default COD marker segment in a JPEG2000 file...
CVE-2011-4516
Heap-based buffer overflow in the jpccoxgetcompparms function in libjasper/jpc/jpccs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted numrlvls value in a coding style default COD marker segment in a JPEG2000 file...
CVE-2011-4517
The jpccrggetparms function in libjasper/jpc/jpccs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service heap memory corruption, via a crafte...