56 matches found
EUVD-2015-5204
Malware in sbrugna...
EUVD-2015-8625
Malware in sbrugna...
K000156718: Multiple ImageMagick vulnerabilities
Security Advisory Description CVE-2017-13142 In ImageMagick before 6.9.9-0 and 7.x before 7.0.6-1, a crafted PNG file could trigger a crash because there was an insufficient check for short files. CVE-2017-13143 In ImageMagick before 6.9.7-6 and 7.x before 7.0.4-6, the ReadMATImage function in...
Linux Distros Unpatched Vulnerability : CVE-2016-9675
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openjpeg: A heap-based buffer overflow flaw was found in the patch for CVE-2013-6045. A crafted j2k image could cause the application to crash, or potentially...
USN-7037-1: OpenJPEG vulnerability
It was discovered that OpenJPEG could enter a large loop and continuously print warning messages when given specially crafted input. An attacker could potentially use this issue to cause a denial of service...
RHEL 7 : netpbm (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jasper: integer overflows leading to out of bounds read in packet iterators in JPC decoder CVE-2016-9583 ...
RHEL 7 : jasper (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - jasper: heap-based buffer over-read of size 8 in jasimagedepalettize in libjasper/base/jasimage.c...
SUSE CVE-2015-8363
The jpeg2000readmainheaders function in libavcodec/jpeg2000dec.c in FFmpeg before 2.6.5, 2.7.x before 2.7.3, and 2.8.x through 2.8.2 does not enforce uniqueness of the SIZ marker in a JPEG 2000 image, which allows remote attackers to cause a denial of service out-of-bounds heap-memory access or...
SUSE CVE-2016-1867
The jpcpinextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG 2000 image...
SUSE CVE-2016-1923
Heap-based buffer overflow in the opjj2kupdateimagedata function in OpenJpeg 2016.1.18 allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted JPEG 2000 image...
JasPer heap buffer overflow vulnerability (CNVD-2021-08886)
JasPer is an open source project that aims to provide a free software-based reference implementation of the codecs specified in the JPEG-2000 Part-1 standard. A heap buffer overflow vulnerability exists in jp2decode in jp2/jp2dec.c in JasPer 2.0.24. The vulnerability stems from an invalid...
Arbitrary Code Execution
netpbm is vulnerable to arbitrary code execution. The vulnerability exists as an input validation flaw and multiple integer overflows were discovered in the JasPer library providing support for JPEG-2000 image format and used in the jpeg2ktopam and pamtojpeg2k converters. An attacker could create...
USN-4109-1: OpenJPEG vulnerabilities
It was discovered that OpenJPEG incorrectly handled certain PGX files. An attacker could possibly use this issue to cause a denial of service or possibly remote code execution. CVE-2017-17480 It was discovered that OpenJPEG incorrectly handled certain files. An attacker could possibly use this...
Denial Of Service (DoS)
Jasper is vulnerable to denial of serviceDoS attacks. An attacker could execute arbitrary code or cause an application crash via a crafted color profile in a JPEG 2000 image leading to a double free vulnerability. Affected function is jasiccattrvaldestroy...
Denial Of Service (DoS)
libjasper.so is vulnerable to denial of service. A NULL pointer dereference in JP2 encoder allows an attacker to crash the process via a malicious JPEG 2000 image...
Denial of service vulnerability in Kingsoft pdf reader (CNVD-2018-20702)
Kingsoft PDF Reader is a compact and stable PDF reading tool. Kingsoft pdf reader has a denial of service vulnerability that can be exploited by an attacker to cause a denial of service by embedding a specific jpeg2000 image...
Double free
Double free vulnerability in the jasperimagestopload function in JasPer 1.900.17 allows remote attackers to cause a denial of service crash via a crafted JPEG 2000 image file...
CVE-2015-5203
CVE-2015-5203 is a double-free flaw in JasPer’s jasper_image_stop_load() used when processing certain JPEG 2000 images. Backed by multiple connected advisories, this vulnerability can allow a remote attacker to crash an application or, in some reports, potentially execute arbitrary code. Affected...
CVE-2015-5221
Use-after-free vulnerability in the mifprocesscmpt function in libjasper/mif/mifcod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service crash via a crafted JPEG 2000 image file...
EulerOS 2.0 SP2 : jasper (EulerOS-SA-2017-1095)
According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to...