CVE-2007-2721
published 2007-05-16CVE-2007-2721: The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a…
medium4.3CVSS 3.1
AVNACMAuNCNINAP
The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| artifex | ghostscript | >= 0 < 8.61.dfsg.1~svn8187-1.1 | 8.61.dfsg.1~svn8187-1.1 |
| artifex | ghostscript | >= 0 < 8.61.dfsg.1~svn8187-1.1 | 8.61.dfsg.1~svn8187-1.1 |
| artifex | ghostscript | >= 0 < 8.61.dfsg.1~svn8187-1.1 | 8.61.dfsg.1~svn8187-1.1 |
| artifex | ghostscript | >= 0 < 8.61.dfsg.1~svn8187-1.1 | 8.61.dfsg.1~svn8187-1.1 |
| debian | ghostscript | < ghostscript 8.61.dfsg.1~svn8187-1.1 (bookworm) | ghostscript 8.61.dfsg.1~svn8187-1.1 (bookworm) |
| jasper_jpeg-2000 | jasper_jpeg-2000 | <= 1.701.1 | — |
CVSS provenance
nvd4.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM