CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2016-10251 – jasper: integer overflow in jpc_pi_nextcprl(), leading to out-of-bounds read
https://notcve.org/view.php?id=CVE-2016-10251
15 Mar 2017 — Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value. Desbordamiento de entero en la función jpc_pi_nextcprl en jpc_t2cod.c en JasPer en versiones anteriores a 1.900.20 permite a atacantes remotos tener impacto no especificado a través de un archivo manipulado, lo que desencadena el uso de un valor no inicializado. It was discovered that JasPer incorrectly ... • http://www.debian.org/security/2017/dsa-3827 • CWE-125: Out-of-bounds Read CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6850 – Ubuntu Security Notice USN-3693-1
https://notcve.org/view.php?id=CVE-2017-6850
15 Mar 2017 — The jp2_cdef_destroy function in jp2_cod.c in JasPer before 2.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image. La función jp2_cdef_destroy en jp2_cod.c en JasPer en versiones anteriores a 2.0.13 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL) a través de una imagen manipulada. It was discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user or automated system using JasPer... • https://blogs.gentoo.org/ago/2017/01/25/jasper-null-pointer-dereference-in-jp2_cdef_destroy-jp2_cod-c • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-5498
https://notcve.org/view.php?id=CVE-2017-5498
01 Mar 2017 — libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. libjasper/include/jasper/jas_math.h en JasPer 1.900.17 permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores que implican desplazamiento a la izquierda de un valor negativo. • http://www.securityfocus.com/bid/95666 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-5501
https://notcve.org/view.php?id=CVE-2017-5501
01 Mar 2017 — Integer overflow in libjasper/jpc/jpc_tsfb.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file. Desbordamiento de entero en libjasper/jpc/jpc_tsfb.c en JasPer 1.900.17 permite a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo manipulado. • http://www.securityfocus.com/bid/95666 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-5500 – HID ActivID ActivClient 7.1.0.202 Denial of Service
https://notcve.org/view.php?id=CVE-2017-5500
01 Mar 2017 — libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. libjasper/jpc/jpc_dec.c en JasPer 1.900.17 permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores que implican desplazamiento a la izquierda de un valor negativo. HID ActivID ActivClient version 7.1.0.202 appears to include the JasPer library for parsing JPEG 2000 facial images that may be present on PIV cards. It ... • http://www.securityfocus.com/bid/95666 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-5504 – Gentoo Linux Security Advisory 201908-03
https://notcve.org/view.php?id=CVE-2017-5504
01 Mar 2017 — The jpc_undo_roi function in libjasper/jpc/jpc_dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image. La función jpc_undo_roi en libjasper/jpc/jpc_dec.c en JasPer 1.900.27 permite a atacantes remotos provocar una denegación de servicio (escritura de memoria invalida y caída) o posiblemente tener otro impacto no especificado través de una imagen manipulada. Multiple vulnerabilities have been found in JasPer, the worst of which could ... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-5502 – HID ActivID ActivClient 7.1.0.202 Denial of Service
https://notcve.org/view.php?id=CVE-2017-5502
01 Mar 2017 — libjasper/jp2/jp2_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. libjasper/jp2/jp2_dec.c en JasPer 1.900.17 permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores que implican desplazamiento a la izquierda de un valor negativo. HID ActivID ActivClient version 7.1.0.202 appears to include the JasPer library for parsing JPEG 2000 facial images that may be present on PIV cards. It ... • http://www.securityfocus.com/bid/95666 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2017-5503 – Gentoo Linux Security Advisory 201908-03
https://notcve.org/view.php?id=CVE-2017-5503
01 Mar 2017 — The dec_clnpass function in libjasper/jpc/jpc_t1dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via a crafted image. La función dec_clnpass en libjasper/jpc/jpc_t1dec.c en JasPer 1.900.27 permite a atacantes remotos provocar una denegación de servicio (escritura de memoria invalida y caída) o posiblemente tener otro impacto no especificado través de una imagen manipulada. Multiple vulnerabilities have be... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-5499 – HID ActivID ActivClient 7.1.0.202 Denial of Service
https://notcve.org/view.php?id=CVE-2017-5499
01 Mar 2017 — Integer overflow in libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file. Desbordamiento de entero en libjasper/jpc/jpc_dec.c en JasPer 1.900.17 permite a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo manipulado. HID ActivID ActivClient version 7.1.0.202 appears to include the JasPer library for parsing JPEG 2000 facial images that may be present on PIV cards. It suffers from multiple denial of servi... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 1%CPEs: 20EXPL: 3CVE-2016-9560 – jasper: stack-based buffer overflow in jpc_dec_tileinit()
https://notcve.org/view.php?id=CVE-2016-9560
15 Feb 2017 — Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image. El desbordamiento del búfer basado en la pila en la función jpc_tsfb_getbands2 en jpc_tsfb.c en JasPer antes de la versión 1.900.30 permite a los atacantes remotos tener un impacto no especificado a través de una imagen manipulada It was discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user or au... • http://www.debian.org/security/2017/dsa-3785 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •