Published: 15/03/2017 Updated: 29/06/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

The jp2_cdef_destroy function in jp2_cod.c in JasPer prior to 2.0.13 allows remote malicious users to cause a denial of service (NULL pointer dereference) via a crafted image.

Vulnerable Product	Search on Vulmon	Subscribe to Product
jasper project jasper

Several security issues were fixed in JasPer ...

The jp2_cdef_destroy function in jp2_codc in JasPer before 2013 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image ...

A NULL pointer dereference vulnerability has been discovered in jasper in jp2_cdef_destroy (jp2_codc) leading to application crash ...

CrashSearch We designed CrashSearch for the specific purpose of efficiently mapping a reported bug to related known bugs within a bug datastore, including both exact and inexact duplicates CrashSearch uses the symptoms of a crash to create a fingerprint that it uses to search for bugs with similar behaviors, and leverages sequential pattern mining to effectively showcase relat

CWE-476 https://github.com/mdadams/jasper/issues/112 https://github.com/mdadams/jasper/commit/e96fc4fdd525fa0ede28074a7e2b1caf94b58b0d https://blogs.gentoo.org/ago/2017/01/25/jasper-null-pointer-dereference-in-jp2_cdef_destroy-jp2_cod-c/https://usn.ubuntu.com/3693-1/https://usn.ubuntu.com/3693-1/https://nvd.nist.gov

CVE-2017-6850

Vulnerability Summary

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect