First published: Mon Nov 21 2016(Updated: )
An integer overflow in jpc_dec_process_siz was found that can be triggered by crafted image file when given as input to imginfo Upstream patch: <a href="https://github.com/mdadams/jasper/commit/d91198abd00fc435a397fe6bad906a4c1748e9cf">https://github.com/mdadams/jasper/commit/d91198abd00fc435a397fe6bad906a4c1748e9cf</a> CVE assignment: <a href="http://seclists.org/oss-sec/2016/q4/441">http://seclists.org/oss-sec/2016/q4/441</a>
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Jasper Project Jasper | <=1.900.12 | |
debian/jasper | ||
redhat/jasper | <1.900.13 | 1.900.13 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.