Lucene search

K
Jasper ProjectJasper1.900.1

8 matches found

CVE
CVE
added 2011/12/15 3:57 a.m.175 views

CVE-2011-4516

Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 fi...

6.8CVSS5.4AI score0.47823EPSS
CVE
CVE
added 2011/12/15 3:57 a.m.152 views

CVE-2011-4517

The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a cra...

6.8CVSS5AI score0.4213EPSS
CVE
CVE
added 2016/02/08 7:59 p.m.98 views

CVE-2016-2089

The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted JPEG 2000 image.

6.5CVSS6.4AI score0.00766EPSS
CVE
CVE
added 2014/12/24 6:59 p.m.86 views

CVE-2014-8138

Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file.

7.5CVSS6.5AI score0.05895EPSS
CVE
CVE
added 2016/01/20 4:59 p.m.84 views

CVE-2016-1867

The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.

6.5CVSS6.3AI score0.00462EPSS
CVE
CVE
added 2008/10/02 6:18 p.m.60 views

CVE-2008-3522

Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.

10CVSS5AI score0.05541EPSS
CVE
CVE
added 2008/10/02 6:18 p.m.57 views

CVE-2008-3520

Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation.

9.3CVSS4AI score0.02999EPSS
CVE
CVE
added 2008/10/02 6:18 p.m.57 views

CVE-2008-3521

Race condition in the jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 allows local users to cause a denial of service (program exit) by creating the appropriate tmp.XXXXXXXXXX temporary file, which causes Jasper to exit. NOTE: this was originally reported as a symlink i...

7.2CVSS7AI score0.00037EPSS