Lucene search
GoogleOSV:DSA-3138-1HistoryJan 25, 2015 - 12:00 a.m.
jasper - security update
2015-01-2500:00:00
Google
osv.dev
4
0.093 Low
EPSS
Percentile
94.7%
An off-by-one flaw, leading to a heap-based buffer overflow
(CVE-2014-8157), and an unrestricted stack memory use flaw
(CVE-2014-8158) were found in JasPer, a library for manipulating
JPEG-2000 files. A specially crafted file could cause an application
using JasPer to crash or, possibly, execute arbitrary code.
For the stable distribution (wheezy), these problems have been fixed in
version 1.900.1-13+deb7u3.
For the upcoming stable distribution (jessie) and the unstable
distribution (sid), these problems will be fixed soon.
We recommend that you upgrade your jasper packages.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jasper | eq | 1.900.1-13+deb7u1 | |
| jasper | eq | 1.900.1-13 | |
| jasper | eq | 1.900.1-13+deb7u2 |
References
Related
nessus
nessus
Debian DSA-3138-1 : jasper - security update
2015-01-26 00:00:00
Debian DLA-138-1 : jasper security update
2015-03-26 00:00:00
SUSE SLED12 / SLES12 Security Update : jasper (SUSE-SU-2015:0288-1)
2015-05-20 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-3138-1)
2015-01-24 00:00:00
Debian: Security Advisory (DLA-138-1)
2023-03-08 00:00:00
CentOS Update for jasper CESA-2015:0074 centos6
2015-01-23 00:00:00
debian
debian
[SECURITY] [DSA 3138-1] jasper security update
2015-01-25 10:00:52
[SECURITY] [DLA 138-1] jasper security update
2015-01-28 19:03:39
[SECURITY] [DSA 3138-1] jasper security update
2015-01-25 10:00:52
redhat
redhat
(RHSA-2015:0074) Important: jasper security update
2015-01-22 00:00:00
oraclelinux
oraclelinux
jasper security update
2015-01-22 00:00:00
jasper security update
2017-05-09 00:00:00
osv
osv
jasper - security update
2015-01-28 00:00:00
amazon
amazon
Important: jasper
2015-02-11 19:37:00
centos
centos
jasper security update
2015-01-22 22:28:13
mageia
mageia
Updated jasper packages fix security vulnerabilities
2015-01-24 17:32:04
securityvulns
securityvulns
[oCERT-2015-001] JasPer input sanitization errors
2015-01-25 00:00:00
jasper library multiple security vulnerabilities
2015-01-25 00:00:00
archlinux
archlinux
jasper: arbitrary code execution
2015-01-27 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: mingw-jasper-1.900.1-26.fc20
2015-02-02 17:21:42
[SECURITY] Fedora 21 Update: mingw-jasper-1.900.1-26.fc21
2015-02-02 17:23:33
[SECURITY] Fedora 21 Update: jasper-1.900.1-30.fc21
2015-02-09 05:28:37
ubuntu
ubuntu
JasPer vulnerabilities
2015-01-26 00:00:00
Ghostscript vulnerabilities
2015-01-26 00:00:00
gentoo
gentoo
JasPer: Multiple Vulnerabilities
2015-03-06 00:00:00
cvelist
cvelist
CVE-2014-8157
2015-01-26 15:00:00
CVE-2014-8158
2015-01-26 15:00:00
cve
cve
CVE-2014-8157
2015-01-26 15:59:04
CVE-2014-8158
2015-01-26 15:59:09
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:04:18
Arbitrary Code Execution
2019-05-02 05:07:22
prion
prion
Heap overflow
2015-01-26 15:59:00
Stack overflow
2015-01-26 15:59:00
nvd
nvd
CVE-2014-8157
2015-01-26 15:59:04
CVE-2014-8158
2015-01-26 15:59:09
ubuntucve
ubuntucve
CVE-2014-8157
2015-01-22 00:00:00
CVE-2014-8158
2015-01-22 00:00:00
freebsd
freebsd
jasper -- multiple vulnerabilities
2014-12-10 00:00:00
slackware
slackware
[slackware-security] jasper
2015-10-29 22:48:48
oracle
oracle
CPU July 2018
2018-07-17 00:00:00