CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-6852 – Gentoo Linux Security Advisory 201908-03
https://notcve.org/view.php?id=CVE-2017-6852
15 Mar 2017 — Heap-based buffer overflow in the jpc_dec_decodepkt function in jpc_t2dec.c in JasPer 2.0.10 allows remote attackers to have unspecified impact via a crafted image. Desbordamiento de búfer basado en memoria dinámica en la función jpc_dec_decodepkt en jpc_t2dec.c en JasPer 2.0.10 permite a atacantes remotos tener un impacto no especificado a través de una imagen manipulada. Multiple vulnerabilities have been found in JasPer, the worst of which could result in a Denial of Service condition. Versions less than... • https://blogs.gentoo.org/ago/2017/01/25/jasper-heap-based-buffer-overflow-in-jpc_dec_decodepkt-jpc_t2dec-c • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-5498
https://notcve.org/view.php?id=CVE-2017-5498
01 Mar 2017 — libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. libjasper/include/jasper/jas_math.h en JasPer 1.900.17 permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores que implican desplazamiento a la izquierda de un valor negativo. • http://www.securityfocus.com/bid/95666 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-5499 – HID ActivID ActivClient 7.1.0.202 Denial of Service
https://notcve.org/view.php?id=CVE-2017-5499
01 Mar 2017 — Integer overflow in libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file. Desbordamiento de entero en libjasper/jpc/jpc_dec.c en JasPer 1.900.17 permite a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo manipulado. HID ActivID ActivClient version 7.1.0.202 appears to include the JasPer library for parsing JPEG 2000 facial images that may be present on PIV cards. It suffers from multiple denial of servi... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-5500 – HID ActivID ActivClient 7.1.0.202 Denial of Service
https://notcve.org/view.php?id=CVE-2017-5500
01 Mar 2017 — libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. libjasper/jpc/jpc_dec.c en JasPer 1.900.17 permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores que implican desplazamiento a la izquierda de un valor negativo. HID ActivID ActivClient version 7.1.0.202 appears to include the JasPer library for parsing JPEG 2000 facial images that may be present on PIV cards. It ... • http://www.securityfocus.com/bid/95666 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-5501
https://notcve.org/view.php?id=CVE-2017-5501
01 Mar 2017 — Integer overflow in libjasper/jpc/jpc_tsfb.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file. Desbordamiento de entero en libjasper/jpc/jpc_tsfb.c en JasPer 1.900.17 permite a atacantes remotos provocar una denegación de servicio (caída) a través de un archivo manipulado. • http://www.securityfocus.com/bid/95666 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-5502 – HID ActivID ActivClient 7.1.0.202 Denial of Service
https://notcve.org/view.php?id=CVE-2017-5502
01 Mar 2017 — libjasper/jp2/jp2_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. libjasper/jp2/jp2_dec.c en JasPer 1.900.17 permite a atacantes remotos provocar una denegación de servicio (caída) a través de vectores que implican desplazamiento a la izquierda de un valor negativo. HID ActivID ActivClient version 7.1.0.202 appears to include the JasPer library for parsing JPEG 2000 facial images that may be present on PIV cards. It ... • http://www.securityfocus.com/bid/95666 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 2CVE-2017-5503 – Gentoo Linux Security Advisory 201908-03
https://notcve.org/view.php?id=CVE-2017-5503
01 Mar 2017 — The dec_clnpass function in libjasper/jpc/jpc_t1dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via a crafted image. La función dec_clnpass en libjasper/jpc/jpc_t1dec.c en JasPer 1.900.27 permite a atacantes remotos provocar una denegación de servicio (escritura de memoria invalida y caída) o posiblemente tener otro impacto no especificado través de una imagen manipulada. Multiple vulnerabilities have be... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2017-5504 – Gentoo Linux Security Advisory 201908-03
https://notcve.org/view.php?id=CVE-2017-5504
01 Mar 2017 — The jpc_undo_roi function in libjasper/jpc/jpc_dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image. La función jpc_undo_roi en libjasper/jpc/jpc_dec.c en JasPer 1.900.27 permite a atacantes remotos provocar una denegación de servicio (escritura de memoria invalida y caída) o posiblemente tener otro impacto no especificado través de una imagen manipulada. Multiple vulnerabilities have been found in JasPer, the worst of which could ... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html • CWE-125: Out-of-bounds Read •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 2CVE-2016-8690 – jasper: missing jas_matrix_create() parameter checks
https://notcve.org/view.php?id=CVE-2016-8690
15 Feb 2017 — The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo command. La función bmp_getdata en libjasper/bmp/bmp_dec.c en JasPer en versiones anteriores a 1.900.5 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero NULL) a través de una imagen BMP manipulada en un comando imginfo. JasPer is an implementation of Part 1 of the JPEG 2000 image ... • http://www.openwall.com/lists/oss-security/2016/08/23/6 • CWE-20: Improper Input Validation CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 1CVE-2016-8691 – jasper: missing SIZ marker segment XRsiz and YRsiz fields range check
https://notcve.org/view.php?id=CVE-2016-8691
15 Feb 2017 — The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command. La función jpc_dec_process_siz en libjasper/jpc/jpc_dec.c en JasPer en versiones anteriores a 1.900.4 permite a atacantes remotos provocar una denegación de servicio (error de división por cero y bloqueo de la aplicación) a través de un valor XRsiz manipulado en u... • http://www.debian.org/security/2017/dsa-3785 • CWE-369: Divide By Zero •