Lucene search
GoogleOSV:DSA-2036-1HistoryApr 17, 2010 - 12:00 a.m.
jasper - denial of service
2010-04-1700:00:00
Google
osv.dev
8
EPSS
0
Percentile
5.1%
It was discovered that the JasPer JPEG-2000 runtime library allowed an
attacker to create a crafted input file that could lead to denial of
service and heap corruption.
Besides addressing this vulnerability, this updates also addresses a
regression introduced in the security fix for CVE-2008-3521, applied
before Debian Lenny’s release, that could cause errors when reading some
JPEG input files.
For the stable distribution (lenny), this problem has been fixed in
version 1.900.1-5.1+lenny1.
For the unstable distribution (sid), this problem has been fixed in
version 1.900.1-6.
We recommend that you upgrade your jasper package.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jasper | eq | 1.900.1-5.1 |
References
Related
ubuntucve
ubuntucve
CVE-2008-3521
2008-10-02 00:00:00
nvd
nvd
CVE-2008-3521
2008-10-02 18:18:05
cve
cve
CVE-2008-3521
2008-10-02 18:18:05
cvelist
cvelist
CVE-2008-3521
2008-10-02 18:00:00
prion
prion
Race condition
2008-10-02 18:18:00
openvas
openvas
Debian Security Advisory DSA 2036-1 (jasper)
2010-04-21 00:00:00
Debian: Security Advisory (DSA-2036-1)
2010-04-21 00:00:00
SLES10: Security update for jasper
2009-10-13 00:00:00
nessus
nessus
Debian DSA-2036-1 : jasper - programming error
2010-04-19 00:00:00
SuSE9 Security Update : jasper (YOU Patch Number 12295)
2009-09-24 00:00:00
debian
debian
[SECURITY] [DSA 2036-1] New jasper packages fix denial of service
2010-04-17 21:23:29
securityvulns
securityvulns
[USN-742-1] JasPer vulnerabilities
2009-03-20 00:00:00
Jasper library multiplesecurity vulnerabilities
2009-03-20 00:00:00
ubuntu
ubuntu
JasPer vulnerabilities
2009-03-19 00:00:00