Denial Of Service (DoS)

JasPer is vulnerable to denial of service attacks. A remote attacker could cause denial of service through assertion failure via a crafted file. Affected by this issue is the function calcstepsizes function in the file jpcdec.c...

Denial Of Service (DoS)

JasPer is vulnerable to denial of service attacks. A remote attacker could cause denial of service through assertion failure via a crafted file. Affected by this issue is the function jpcdectiledecode of the file jpcdec.c...

Denial Of Service (DoS)

libjasper.so is vulnerable to denial of service DoS attacks. A malicious user can pass a file to the calcstepsizes function in jpcdec.c to cause an assertion failure that can crash the application...

Denial Of Service (DoS)

libjasper.so is vulnerable to denial of service DoS attacks. The vulnerability exists due to a reachable assertion in jasseq.c where the jasmatrix= yend condition fails caused by an integer overflow issue in the jpcdecprocesssiz function of libjasper/jpc/jpcdec.c, causing a DoS and possibly other...

Denial Of Service (DoS)

libjasper.so is vulnerable to denial of service DoS attacks. The library contains an infinite loop in the jpcdectileinit function of jpcdec.c that can cause the application to crash...

Denial Of Service (DoS)

libjasper.so is vulnerable to denial of service DoS attacks. A malicious user can pass a JPC file to the jpcundoroi function in jpcdec.c to cause an invalid memory read, crashing the application...

JasPer Denial of Service Vulnerability (CNVD-2018-09150)

JasPer is a Canadian software developer Michael Adams developed an open source implementation of the JPEG-2000 codec. A security vulnerability exists in the 'jpcdecprocesssot' function in the libjasper/jpc/jpcdec.c file in JasPer version 2.0.14. A remote attacker could exploit this vulnerability ...

JasPer Denial of Service Vulnerability (CNVD-2017-25686)

JasPer is an open source project that aims to provide a free software-based reference implementation of the codecs specified in the JPEG-2000 Part-1 standard. A denial of service vulnerability exists in the jpcdequantize function in jpc/jpcdec.c in JasPer, which can be exploited by a remote...

CVE-2017-13752

There is a reachable assertion abort in the function jpcdequantize in jpc/jpcdec.c in JasPer 2.0.12 that will lead to a remote denial of service attack...

CVE-2017-13751

CVE-2017-13751 refers to JasPer 2.0.x (notably 2.0.12 and earlier) where a reachable assertion abort in jpc_dec.c(calcstepsizes) can cause remote denial of service. Connected advisories (Fedora/RHEL/NASL) enumerate JasPer family CVEs around 2016–2018 with multiple related flaws; CVE-2017-13751 is...

jasper: integer overflow in jas_matrix_create()

Integer overflow in the jpcdectiledecode function in jpcdec.c in JasPer before 1.900.12 allows remote attackers to have unspecified impact via a crafted image file, which triggers a heap-based buffer overflow...

UBUNTU-CVE-2016-9399

The calcstepsizes function in jpcdec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service assertion failure via unspecified vectors...

CVE-2016-9387

CVE-2016-9387: Integer overflow in JasPer’s jpc_dec_process_siz function (libjasper/jpc/jpc_dec.c) allows crafted JPEG-2000 files to trigger an assertion failure, as reported for JasPer prior to 1.900.13. The available connected documents confirm the vulnerability in the JasPer library and refere...

CVE-2016-9392

CVE-2016-9392 affects the JasPer JPEG 2000 library. The calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 allows a crafted file to trigger an assertion failure, causing a denial of service. Affected are JasPer versions earlier than 1.900.17; remediation is to upgrade to 1.900.17 or ne...

JasPer 'jpc_dec.c' Null Pointer Reference Denial of Service Vulnerability

JasPer is a Canadian software developer Michael Adams developed an open source implementation of the JPEG-2000 codec. A denial of service vulnerability exists in JasPer 'jpcdec.c'. An attacker could exploit this vulnerability to cause the application to crash, resulting in a denial of service...

UBUNTU-CVE-2017-5499

Integer overflow in libjasper/jpc/jpcdec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service crash via a crafted file...

CVE-2017-5499

CVE-2017-5499 affects JasPer’s libjasper (jpc_dec.c) with an integer overflow in the JPC decoder ( JasPer 1.900.17 ), enabling a crafted file to trigger denial of service (crash). Public sources in the connected docs identify the vulnerable component (libjasper/jpc/jpc_dec.c) and note that severa...

CVE-2017-5500

CVE-2017-5500 affects JasPer 1.900.17 in libjasper/jpc/jpc_dec.c, where a denial of service (crash) can be triggered by vectors involving a left shift of a negative value. The connected documents confirm this exact vulnerable function/file and the nature of the impact (denial of service); no expl...

CVE-2017-5504

CVE-2017-5504 is a vulnerability in JasPer where the function jpc_undo_roi in libjasper/jpc/jpc_dec.c (present in JasPer 1.900.27) can be exploited by a crafted image to cause a denial of service via an invalid memory read/crash. The connected documents indicate this CVE is discussed within Jaspe...

CVE-2017-5499

Integer overflow in libjasper/jpc/jpcdec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service crash via a crafted file...