CVE-2008-3520
published 2008-10-02CVE-2008-3520: Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer…
critical9.3CVSS 3.1
AVNACMAuNCCICAC
Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| artifex | ghostscript | >= 0 < 8.64~dfsg-2 | 8.64~dfsg-2 |
| artifex | ghostscript | >= 0 < 8.64~dfsg-2 | 8.64~dfsg-2 |
| artifex | ghostscript | >= 0 < 8.64~dfsg-2 | 8.64~dfsg-2 |
| artifex | ghostscript | >= 0 < 8.64~dfsg-2 | 8.64~dfsg-2 |
| debian | ghostscript | < ghostscript 8.64~dfsg-2 (bookworm) | ghostscript 8.64~dfsg-2 (bookworm) |
| debian | netpbm-free | < ghostscript 8.64~dfsg-2 (bookworm) | ghostscript 8.64~dfsg-2 (bookworm) |
| jasper_project | jasper | — | — |
CVSS provenance
nvd9.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv9.3CRITICAL