CVE-2015-8751

CWE-190 — Integer Overflow9 documents5 sources

Severity

8.8HIGH

EPSS

0.9%

top 24.99%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Jasper Project Jasper

Timeline

PublishedFeb 17

Latest updateMay 24

Description

Integer overflow in the jas_matrix_create function in JasPer allows context-dependent attackers to have unspecified impact via a crafted JPEG 2000 image, related to integer multiplication for memory allocation.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

▶NVDjasper_project/jasper< 1.900.4

🔴Vulnerability Details

GHSA

GHSA-w5gw-jv97-p9hj: Integer overflow in the jas_matrix_create function in JasPer allows context-dependent attackers to have unspecified impact via a crafted JPEG 2000 ima↗2022-05-24

▶

CVEList

CVE-2015-8751: Integer overflow in the jas_matrix_create function in JasPer allows context-dependent attackers to have unspecified impact via a crafted JPEG 2000 ima↗2020-02-17

▶

📋Vendor Advisories

Red Hat

jasper: integer overflow in the jas_matrix_create() function↗2015-12-24

▶

💬Community

Bugzilla

CVE-2015-8751 mingw-jasper: jasper: integer overflow in the jas_matrix_create() function [fedora-all]↗2016-01-08

▶

Bugzilla

CVE-2015-8751 jasper: integer overflow in the jas_matrix_create() function [epel-5]↗2016-01-08

▶

Bugzilla

CVE-2015-8751 jasper: integer overflow in the jas_matrix_create() function [fedora-all]↗2016-01-08

▶

Bugzilla

CVE-2015-8751 mingw-jasper: jasper: integer overflow in the jas_matrix_create() function [epel-7]↗2016-01-08

▶

Bugzilla

CVE-2015-8751 jasper: integer overflow in the jas_matrix_create() function↗2016-01-08

▶