Page 4 of 19 results (0.010 seconds)

CVSS: 7.5EPSS: 3%CPEs: 1EXPL: 0

CVE-2017-13745

https://notcve.org/view.php?id=CVE-2017-13745

There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154. Es posible abortar aserciones alcanzables en la función jpc_dec_process_sot() en jpc/jpc_dec.c en JasPer 2.0.12 que provocaría un ataque de denegación de servicio remoto desencadenando un valor de retorno jpc_ppmstabtostreams inesperado. Esta vulnerabilidad es diferente de CVE-2018-9154. • http://www.securityfocus.com/bid/100514 https://bugzilla.redhat.com/show_bug.cgi?id=1485274 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4ALB4SXHURLVWKAOKYRNJXPABW3M22M https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPOVZTSIQPW2H4AFLMI3LHJEZGBVEQET https://security.gentoo.org/glsa/201908-03 https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html • CWE-617: Reachable Assertion •

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2017-1000050 – jasper: NULL pointer exception in jp2_encode()

https://notcve.org/view.php?id=CVE-2017-1000050

JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service. JasPer versión 2.0.12 es vulnerable a una excepción de puntero NULL en la función jp2_encode que falló al comprobar si la imagen contenía al menos un componente resultando en una denegación de servicio. • http://www.openwall.com/lists/oss-security/2017/03/06/1 http://www.securityfocus.com/bid/96595 https://access.redhat.com/errata/RHSA-2018:3253 https://access.redhat.com/errata/RHSA-2018:3505 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4ALB4SXHURLVWKAOKYRNJXPABW3M22M https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPOVZTSIQPW2H4AFLMI3LHJEZGBVEQET https://security.gentoo.org/glsa/201908-03 https://usn.ubuntu.com • CWE-476: NULL Pointer Dereference •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-9782

https://notcve.org/view.php?id=CVE-2017-9782

JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the jp2_decode function in libjasper/jp2/jp2_dec.c. JasPer versión 2.0.12, permite a los atacantes remotos causar una denegación de servicio (lectura excesiva de búfer en la región heap de la memoria y bloqueo de aplicación) por medio de una imagen creada, relacionada con la función jp2_decode en el archivo libjasper/jp2/jp2_dec.c. • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00085.html https://github.com/mdadams/jasper/issues/140 https://security.gentoo.org/glsa/201908-03 • CWE-125: Out-of-bounds Read •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-6850

https://notcve.org/view.php?id=CVE-2017-6850

The jp2_cdef_destroy function in jp2_cod.c in JasPer before 2.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image. La función jp2_cdef_destroy en jp2_cod.c en JasPer en versiones anteriores a 2.0.13 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL) a través de una imagen manipulada. • https://blogs.gentoo.org/ago/2017/01/25/jasper-null-pointer-dereference-in-jp2_cdef_destroy-jp2_cod-c https://github.com/mdadams/jasper/commit/e96fc4fdd525fa0ede28074a7e2b1caf94b58b0d https://github.com/mdadams/jasper/issues/112 https://usn.ubuntu.com/3693-1 • CWE-476: NULL Pointer Dereference •