150 matches found
CVE-2023-51257
A flaw in jasper was discovered where an invalid memory write occurred due to the absence of a proper range check in the JPC encoder. Mitigation Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of...
Jasper Security Vulnerabilities
Jasper is a flexible and powerful GitHub issue reader open-sourced by Jasper. Jasper has a security vulnerability that stems from a lack of range checking in the JPC encoder, leading to invalid memory writes...
PT-2023-28248 · Unknown · Pdf-Xchange Editor
Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to disclose sensitive information on affected installations. It requires user interaction, such as visiting a malicious page or opening a...
PDF-XChange Editor JPC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2022-37375
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2022-37375
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Design/Logic Flaw
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2022-37375
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2022-37375
CVE-2022-37375 affects PDF-XChange Editor. The vulnerability lies in the parsing of JPC files where crafted JPC data can trigger a read past the end of an allocated buffer, enabling an information disclosure. Exploitation requires user interaction (visiting a malicious page or opening a malicious...
CVE-2022-37375
This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
SUSE CVE-2016-9393
The jpcpinextrpcl function in jpct2cod.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service assertion failure via a crafted file...
SUSE CVE-2016-9396
The JPCNOMINALGAIN function in jpc/jpct1cod.c in JasPer through 2.0.12 allows remote attackers to cause a denial of service JPCCOXRFT assertion failure via unspecified vectors...
SUSE CVE-2016-9397
The jpcdequantize function in jpcdec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service assertion failure via unspecified vectors...
SUSE CVE-2016-9398
The jpcfloorlog2 function in jpcmath.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service assertion failure via unspecified vectors...
SUSE CVE-2016-9399
The calcstepsizes function in jpcdec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service assertion failure via unspecified vectors...
SUSE CVE-2016-10248
The jpctsfbsynthesize function in jpctsfb.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service NULL pointer dereference via vectors involving an empty sequence...
SUSE CVE-2016-10249
Integer overflow in the jpcdectiledecode function in jpcdec.c in JasPer before 1.900.12 allows remote attackers to have unspecified impact via a crafted image file, which triggers a heap-based buffer overflow...
SUSE CVE-2017-5500
libjasper/jpc/jpcdec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service crash via vectors involving left shift of a negative value...
SUSE CVE-2017-13746
There is a reachable assertion abort in the function jpcdecprocesssiz in jpc/jpcdec.c:1297 in JasPer 2.0.12 that will lead to a remote denial of service attack...
SUSE CVE-2017-13745
There is a reachable assertion abort in the function jpcdecprocesssot in jpc/jpcdec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpcppmstabtostreams return value, a different vulnerability than CVE-2018-9154...