A heap-based buffer overflow vulnerability has been discovered in jasper in jpc_dec_tiledecode (jpc_dec.c) leading to arbitrary code execution.
A heap-based buffer overflow vulnerability has been discovered in jasper in jpc_dec_tiledecode (jpc_dec.c) leading to arbitrary code execution.
https://blogs.gentoo.org/ago/2016/10/23/jasper-heap-based-buffer-overflow-in-jpc_dec_tiledecode-jpc_dec-c/ https://github.com/mdadams/jasper/commit/988f8365f7d8ad8073b6786e433d34c553ecf568