Description
The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers to
cause a denial of service (out-of-bounds read and application crash) via a
crafted JPEG 2000 image.
Notes
mdeslaur | fixed in (1.900.1-debian1-2.4+deb8u2) |
Package
Upstream: | needs-triage
|
Ubuntu 16.04 ESM: | released
(1.900.1-debian1-2.4ubuntu1.1)
|
Ubuntu 14.04 ESM: | DNE
(trusty was released [1.900.1-14ubuntu3.4])
|
Ubuntu 20.04 FIPS Compliant: | DNE
|
Patches:
Updated: 2022-04-13 12:12:37 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)