|
|
Log in / Subscribe / Register

jasper: multiple vulnerabilities

Package(s):jasper CVE #(s):CVE-2016-1577 CVE-2016-2116
Created:March 4, 2016 Updated:March 9, 2016
Description:

From the Ubuntu advisory:

Jacob Baines discovered that JasPer incorrectly handled ICC color profiles in JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. (CVE-2016-1577)

Tyler Hicks discovered that JasPer incorrectly handled memory when processing JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to consume memory, resulting in a denial of service. (CVE-2016-2116)

Alerts:
openSUSE openSUSE-SU-2016:2737-1 jasper 2016-11-05
openSUSE openSUSE-SU-2016:2722-1 jasper 2016-11-04
Fedora FEDORA-2016-bbecf64af4 jasper 2016-09-21
Fedora FEDORA-2016-7776983633 jasper 2016-08-15
Arch Linux ASA-201605-2 jasper 2016-05-04
Mageia MGASA-2016-0100 jasper 2016-03-07
Debian DSA-3508-1 jasper 2016-03-06
Ubuntu USN-2919-1 jasper 2016-03-03
openSUSE openSUSE-SU-2016:2833-1 jasper 2016-11-17
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds