The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2016/11/17/1 | Mailing List Patch VDB Entry |
http://www.securityfocus.com/bid/94371 | Broken Link Third Party Advisory VDB Entry |
https://access.redhat.com/errata/RHSA-2017:1208 | Third Party Advisory |
https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure | Patch Third Party Advisory VDB Entry |
https://bugzilla.redhat.com/show_bug.cgi?id=1396962 | Issue Tracking Third Party Advisory VDB Entry |
https://github.com/mdadams/jasper/commit/411a4068f8c464e883358bf403a3e25158863823 | Patch Third Party Advisory |
https://usn.ubuntu.com/3693-1/ | Third Party Advisory |
Configurations
History
09 Sep 2024, 13:56
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* |
|
References | () http://www.securityfocus.com/bid/94371 - Broken Link, Third Party Advisory, VDB Entry | |
References | () https://access.redhat.com/errata/RHSA-2017:1208 - Third Party Advisory | |
References | () https://usn.ubuntu.com/3693-1/ - Third Party Advisory | |
CWE | CWE-617 | |
First Time |
Canonical
Canonical ubuntu Linux |
Information
Published : 2017-03-23 18:59
Updated : 2024-09-09 13:56
NVD link : CVE-2016-9388
Mitre link : CVE-2016-9388
CVE.ORG link : CVE-2016-9388
JSON object : View
Products Affected
canonical
- ubuntu_linux
jasper_project
- jasper
CWE
CWE-617
Reachable Assertion