Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jasper project jasper 1.900.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3520
Multiple integer overflows in JasPer 1.900.1 might allow context-dependent malicious users to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation.
Jasper Project Jasper 1.900.1
NA
CVE-2008-3521
Race condition in the jas_stream_tmpfile function in libjasper/base/jas_stream.c in JasPer 1.900.1 allows local users to cause a denial of service (program exit) by creating the appropriate tmp.XXXXXXXXXX temporary file, which causes Jasper to exit. NOTE: this was originally repo...
Jasper Project Jasper 1.900.1
NA
CVE-2008-3522
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent malicious users to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.
Redhat Enterprise Virtualization 3.5
Jasper Project Jasper 1.900.1
5.5
CVSSv3
CVE-2016-8882
The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer prior to 1.900.8 allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
Jasper Project Jasper
NA
CVE-2014-9029
Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and previous versions allow remote malicious users to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow.
Jasper Project Jasper
7.8
CVSSv3
CVE-2016-8693
Double free vulnerability in the mem_close function in jas_stream.c in JasPer prior to 1.900.10 allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command.
Jasper Project Jasper
Opensuse Opensuse 13.2
Fedoraproject Fedora 23
5.5
CVSSv3
CVE-2016-8691
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer prior to 1.900.4 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command.
Jasper Project Jasper
Debian Debian Linux 8.0
Fedoraproject Fedora 25
1 Github repository
5.5
CVSSv3
CVE-2016-8692
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer prior to 1.900.4 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted YRsiz value in a BMP image to the imginfo command.
Jasper Project Jasper
Fedoraproject Fedora 25
Debian Debian Linux 8.0
7.6
CVSSv3
CVE-2016-1577
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and previous versions allows remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vu...
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Jasper Project Jasper
5.7
CVSSv3
CVE-2016-2116
Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and previous versions allows remote malicious users to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file.
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Jasper Project Jasper
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »