Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2008-3520
HistoryOct 02, 2008 - 12:00 a.m.

CVE-2008-3520

2008-10-0200:00:00
ubuntu.com
ubuntu.com
6

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

60.6%

JSON

Multiple integer overflows in JasPer 1.900.1 might allow context-dependent
attackers to have an unknown impact via a crafted image file, related to
integer multiplication for memory allocation.

Bugs

Notes

Author Note
mdeslaur RH released netpbm with this CVE, as it shared code with jasper our netpbm-free doesn’t appear to.
OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchghostscript< 8.61.dfsg.1-1ubuntu3.4UNKNOWN
ubuntu10.04noarchghostscript< 8.71.dfsg.1-0ubuntu5.4UNKNOWN
ubuntu10.10noarchghostscript< 8.71.dfsg.2-0ubuntu7.1UNKNOWN
ubuntu6.06noarchjasper< 1.701.0-2ubuntu0.6.06.1UNKNOWN
ubuntu7.10noarchjasper< 1.900.1-3ubuntu0.7.10.1UNKNOWN
ubuntu8.04noarchjasper< 1.900.1-3ubuntu0.8.04.1UNKNOWN
ubuntu8.10noarchjasper< 1.900.1-5ubuntu0.1UNKNOWN

Related

prion 1
veracode 1
cve 1
debiancve 1
openvas 38
securityvulns 3
nessus 20
fedora 2
gentoo 1
oraclelinux 1
redhat 2
ubuntucve 1
centos 1
ubuntu 2
freebsd 1
slackware 1
prion
prion
Integer overflow
2008-10-02 18:18:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:34:17
cve
cve
CVE-2008-3520
2008-10-02 18:18:00
debiancve
debiancve
CVE-2008-3520
2008-10-02 18:18:00
openvas
openvas
CentOS Update for netpbm CESA-2009:0012 centos4 i386
2011-08-09 00:00:00
CentOS Update for netpbm CESA-2009:0012 centos4 i386
2011-08-09 00:00:00
Fedora Core 11 FEDORA-2009-10761 (jasper)
2009-11-11 00:00:00
securityvulns
securityvulns
[ GLSA 200812-18 ] JasPer: User-assisted execution of arbitrary code
2008-12-17 00:00:00
Jasper library multiplesecurity vulnerabilities
2009-03-20 00:00:00
[USN-742-1] JasPer vulnerabilities
2009-03-20 00:00:00
nessus
nessus
CentOS 4 : netpbm (CESA-2009:0012)
2009-02-12 00:00:00
RHEL 4 / 5 : netpbm (RHSA-2009:0012)
2009-02-12 00:00:00
GLSA-200812-18 : JasPer: User-assisted execution of arbitrary code
2008-12-17 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: jasper-1.900.1-13.fc11
2009-10-27 06:43:29
[SECURITY] Fedora 10 Update: jasper-1.900.1-13.fc10
2009-10-27 06:37:10
gentoo
gentoo
JasPer: User-assisted execution of arbitrary code
2008-12-16 00:00:00
oraclelinux
oraclelinux
netpbm security update
2009-02-11 00:00:00
redhat
redhat
(RHSA-2009:0012) Moderate: netpbm security update
2009-02-11 00:00:00
(RHSA-2015:0698) Important: rhevm-spice-client security, bug fix, and enhancement update
2015-03-18 00:00:00
ubuntucve
ubuntucve
CVE-2015-8751
2020-02-17 00:00:00
centos
centos
netpbm security update
2009-02-11 19:31:04
ubuntu
ubuntu
JasPer vulnerabilities
2009-03-19 00:00:00
Ghostscript vulnerabilities
2012-01-04 00:00:00
freebsd
freebsd
jasper -- buffer overflow
2011-12-09 00:00:00
slackware
slackware
[slackware-security] jasper
2015-10-29 22:48:48

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

60.6%

JSON
Related for UB:CVE-2008-3520
prion1veracode1cve1debiancve1openvas38securityvulns3nessus20fedora2gentoo1oraclelinux1redhat2ubuntucve1centos1ubuntu2freebsd1slackware1