Description
Integer overflow in the jpc_dec_tiledecode function in jpc_dec.c in JasPer
before 1.900.12 allows remote attackers to have unspecified impact via a
crafted image file, which triggers a heap-based buffer overflow.
Notes
mdeslaur | fixed in (1.900.1-debian1-2.4+deb8u3) |
Package
Upstream: | needs-triage
|
Ubuntu 16.04 ESM: | released
(1.900.1-debian1-2.4ubuntu1.1)
|
Ubuntu 14.04 ESM: | DNE
(trusty was released [1.900.1-14ubuntu3.4])
|
Patches:
Updated: 2022-04-13 12:10:52 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)