The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer prior to 1.900.4 allows remote malicious users to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jasper project jasper |
||
debian debian linux 8.0 |
||
fedoraproject fedora 25 |