CVE-2016-9591 – jasper: use-after-free / double-free in JPC encoder
https://notcve.org/view.php?id=CVE-2016-9591
JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer. JasPer, en versiones anteriores a la 2.0.12, es vulnerable a un uso de memoria previamente liberada en la forma en la que descifra ciertos archivos de imagen JPEG 2000. Esto resulta en un cierre inesperado de la aplicación que esté usando JasPer. A use-after-free flaw was found in the way JasPer, before version 2.0.12, decode certain JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash. • http://www.securityfocus.com/bid/94952 https://access.redhat.com/errata/RHSA-2017:1208 https://bugzilla.redhat.com/show_bug.cgi?id=1406405 https://security.gentoo.org/glsa/201707-07 https://www.debian.org/security/2017/dsa-3827 https://access.redhat.com/security/cve/CVE-2016-9591 • CWE-416: Use After Free •
CVE-2016-9389 – jasper: reachable assertions caused by insufficient component domains checks in ICT/RCT in JPC codec
https://notcve.org/view.php?id=CVE-2016-9389
The jpc_irct and jpc_iict functions in jpc_mct.c in JasPer before 1.900.14 allow remote attackers to cause a denial of service (assertion failure). Las funciones jpc_irct y jpc_iict en jpc_mct.c en JasPer en versiones anteriores a 1.900.14 permiten a atacantes remotos provocar una denegación de servicio (fallo de aserción). • http://www.openwall.com/lists/oss-security/2016/11/17/1 http://www.securityfocus.com/bid/94371 https://access.redhat.com/errata/RHSA-2017:1208 https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure https://bugzilla.redhat.com/show_bug.cgi?id=1396963 https://github.com/mdadams/jasper/commit/dee11ec440d7908d1daf69f40a3324b27cf213ba https://usn.ubuntu.com/3693-1 https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html https://access.redhat.com/security& • CWE-617: Reachable Assertion •
CVE-2016-9397
https://notcve.org/view.php?id=CVE-2016-9397
The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors. La función jpc_dequantize en jpc_dec.c en JasPer 1.900.13 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción) a través de vectores no especificados. • http://www.openwall.com/lists/oss-security/2016/11/17/1 http://www.securityfocus.com/bid/94373 https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure https://bugzilla.redhat.com/show_bug.cgi?id=1396979 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4ALB4SXHURLVWKAOKYRNJXPABW3M22M https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPOVZTSIQPW2H4AFLMI3LHJEZGBVEQET • CWE-617: Reachable Assertion •
CVE-2016-9262 – jasper: integer truncation in jas_image_cmpt_create()
https://notcve.org/view.php?id=CVE-2016-9262
Multiple integer overflows in the (1) jas_realloc function in base/jas_malloc.c and (2) mem_resize function in base/jas_stream.c in JasPer before 1.900.22 allow remote attackers to cause a denial of service via a crafted image, which triggers use after free vulnerabilities. Múltiples desbordamientos de entero en la función (1) jas_realloc en base/jas_malloc.c y función (2) mem_resize en base/jas_stream.c en JasPer en versiones anteriores a 1.900.22 permiten a atacantes remotos provocar una denegación de servicio a través de una imagen manipulada, lo que desencadena vulnerabilidades de uso después de liberación. • http://www.openwall.com/lists/oss-security/2016/11/10/4 http://www.securityfocus.com/bid/94224 https://access.redhat.com/errata/RHSA-2017:1208 https://blogs.gentoo.org/ago/2016/11/07/jasper-use-after-free-in-jas_realloc-jas_malloc-c https://bugzilla.redhat.com/show_bug.cgi?id=1393882 https://github.com/mdadams/jasper/commit/634ce8e8a5accc0fa05dd2c20d42b4749d4b2735 https://security.gentoo.org/glsa/201707-07 https://usn.ubuntu.com/3693-1 https://access.redhat.com/security/cv • CWE-190: Integer Overflow or Wraparound CWE-681: Incorrect Conversion between Numeric Types •
CVE-2016-9390 – jasper: insufficient SIZ marker tilexoff and tileyoff checks
https://notcve.org/view.php?id=CVE-2016-9390
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file. La función jas_seq2d_create en jas_seq.c en JasPer en versiones anteriores a 1.900.14 permite a atacantes remotos provocar una denegación de servicio (fallo de aserción) a través de un archivo de imagen manipulado. • http://www.openwall.com/lists/oss-security/2016/11/17/1 http://www.securityfocus.com/bid/94371 https://access.redhat.com/errata/RHSA-2017:1208 https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure https://bugzilla.redhat.com/show_bug.cgi?id=1396965 https://github.com/mdadams/jasper/commit/ba2b9d000660313af7b692542afbd374c5685865 https://usn.ubuntu.com/3693-1 https://access.redhat.com/security/cve/CVE-2016-9390 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •