Integer Overflow

2019-05-0206:10:46

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.008 Low

EPSS

Percentile

82.0%

JSON

JasPer is vulnerable to integer overflows. A remote attacker could cause denial of service via a crafted image triggering use after free vulnerabilities. Affected by this issue is the function jas_realloc/mem_resize of the file base/jas_malloc.c.

CPENameOperatorVersion
jaspereq1.900.1__15.el6_1.1
jaspereq1.900.1__16.el6_6.3
jaspereq1.900.1__15.el6
jaspereq1.900.1__29.el7
jaspereq1.900.1__16.el6_6.2
jaspereq1.900.1__15.el6_1.1
jaspereq1.900.1__16.el6_6.3
jaspereq1.900.1__15.el6
jaspereq1.900.1__29.el7
jaspereq1.900.1__16.el6_6.2

Name	Operator	Version
jasper	eq	1.900.1__15.el6_1.1
jasper	eq	1.900.1__16.el6_6.3
jasper	eq	1.900.1__15.el6
jasper	eq	1.900.1__29.el7
jasper	eq	1.900.1__16.el6_6.2
jasper	eq	1.900.1__15.el6_1.1
jasper	eq	1.900.1__16.el6_6.3
jasper	eq	1.900.1__15.el6
jasper	eq	1.900.1__29.el7
jasper	eq	1.900.1__16.el6_6.2