CVE-2008-3522
published 2008-10-02CVE-2008-3522: Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown…
critical10CVSS 3.1
AVNACLAuNCCICAC
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| artifex | ghostscript | >= 0 < 8.64~dfsg-2 | 8.64~dfsg-2 |
| artifex | ghostscript | >= 0 < 8.64~dfsg-2 | 8.64~dfsg-2 |
| artifex | ghostscript | >= 0 < 8.64~dfsg-2 | 8.64~dfsg-2 |
| artifex | ghostscript | >= 0 < 8.64~dfsg-2 | 8.64~dfsg-2 |
| debian | ghostscript | < ghostscript 8.64~dfsg-2 (bookworm) | ghostscript 8.64~dfsg-2 (bookworm) |
| debian | netpbm-free | < ghostscript 8.64~dfsg-2 (bookworm) | ghostscript 8.64~dfsg-2 (bookworm) |
| jasper_project | jasper | — | — |
| redhat | enterprise_virtualization | — | — |
CVSS provenance
nvd10.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
osv10.0CRITICAL