) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:jasper_project:jasper:1.900.16
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2017-6850 |
The jp2_cdef_destroy function in jp2_cod.c in JasPer before 2.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image. Published: March 15, 2017; 10:59:01 AM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
| CVE-2016-10251 |
Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value. Published: March 15, 2017; 10:59:00 AM -0400 |
V3.0: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2016-9560 |
Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image. Published: February 15, 2017; 2:59:01 PM -0500 |
V3.1: 7.8 HIGH V2.0: 6.8 MEDIUM |
| CVE-2016-8690 |
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo command. Published: February 15, 2017; 2:59:00 PM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |