6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
0.013 Low
EPSS
Percentile
86.1%
Package : jasper
Version : 1.900.1-13+deb7u5
CVE ID : CVE-2016-8654 CVE-2016-8691 CVE-2016-8692 CVE-2016-8693
CVE-2016-8882 CVE-2016-8883 CVE-2016-8887 CVE-2016-9560
TEMP-CVE
CVE-2016-8691
FPE on unknown address … jpc_dec_process_siz … jpc_dec.c
CVE-2016-8692
FPE on unknown address … jpc_dec_process_siz … jpc_dec.c
CVE-2016-8693
attempting double-free … mem_close … jas_stream.c
CVE-2016-8882
segfault / null pointer access in jpc_pi_destroy
CVE-2016-9560
stack-based buffer overflow in jpc_tsfb_getbands2 (jpc_tsfb.c)
CVE-2016-8887 part 1 + 2
NULL pointer dereference in jp2_colr_destroy (jp2_cod.c)
CVE-2016-8654
Heap-based buffer overflow in QMFB code in JPC codec
CVE-2016-8883
assert in jpc_dec_tiledecode()
TEMP-CVE
heap-based buffer overflow in jpc_dec_tiledecode (jpc_dec.c)
For Debian 7 "Wheezy", these problems have been fixed in version
1.900.1-13+deb7u5.
We recommend that you upgrade your jasper packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
6.8 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
0.013 Low
EPSS
Percentile
86.1%