Lucene search
Veracode Vulnerability DatabaseVERACODE:7024HistoryJul 11, 2018 - 8:13 a.m.
Denial Of Service (DoS)
2018-07-1108:13:35
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.006 Low
EPSS
Percentile
78.6%
libjasper.so is vulnerable to denial of service (DoS) attacks. The vulnerability exists due to a reachable assertion in jas_seq.c where the jas_matrix<= yend condition fails caused by an integer overflow issue in the jpc_dec_process_siz function of libjasper/jpc/jpc_dec.c, causing a DoS and possibly other attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| libjasper.so | eq | 1.0.0 | |
| jasper | eq | 1.900.1__29.el7 | |
| jasper | eq | 1.900.1__15.el6_1.1 | |
| jasper | eq | 1.900.1__16.el6_6.2 | |
| jasper | eq | 1.900.1__16.el6_6.3 | |
| jasper | eq | 1.900.1__15.el6 |
Related
osv
osv
CVE-2016-9387
2017-03-23 18:59:00
ubuntucve
ubuntucve
CVE-2016-9387
2017-03-23 00:00:00
cve
cve
CVE-2016-9387
2017-03-23 18:59:00
redhatcve
redhatcve
CVE-2016-9387
2016-11-21 09:47:24
nvd
nvd
CVE-2016-9387
2017-03-23 18:59:00
prion
prion
Integer overflow
2017-03-23 18:59:00
cvelist
cvelist
CVE-2016-9387
2017-03-23 18:00:00
nessus
nessus
Fedora 27 : jasper (2018-e6df7fcf75)
2018-06-04 00:00:00
Fedora 28 : jasper (2018-ec39fe2c9c)
2019-01-03 00:00:00
Fedora 24 : jasper (2017-da0b00fd64)
2017-05-19 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: jasper-2.0.14-5.fc27
2018-06-02 21:14:04
[SECURITY] Fedora 28 Update: jasper-2.0.14-5.fc28
2018-06-04 13:17:36
[SECURITY] Fedora 24 Update: jasper-1.900.13-4.fc24
2017-05-18 21:01:18
openvas
openvas
Fedora Update for jasper FEDORA-2018-e6df7fcf75
2018-06-03 00:00:00
Fedora Update for jasper FEDORA-2018-ec39fe2c9c
2018-06-05 00:00:00
Fedora Update for jasper FEDORA-2017-da0b00fd64
2017-05-19 00:00:00
archlinux
archlinux
[ASA-201612-9] jasper: multiple issues
2016-12-07 00:00:00
ubuntu
ubuntu
JasPer vulnerabilities
2018-06-27 00:00:00
cloudfoundry
cloudfoundry
USN-3693-1: JasPer vulnerabilities | Cloud Foundry
2018-07-10 00:00:00
amazon
amazon
Important: jasper
2017-06-06 16:49:00
centos
centos
jasper security update
2017-05-15 15:59:23
ibm
ibm
redhat
redhat
(RHSA-2017:1208) Important: jasper security update
2017-05-09 14:59:57
mageia
mageia
Updated jasper packages fix security vulnerabilities
2017-12-31 03:10:15
oraclelinux
oraclelinux
jasper security update
2017-05-09 00:00:00