Severity
7.8 HIGH
EPSS
0.3%
top 45.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Aug 1
Latest update: May 13

Description

An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2.0.6 when processing crafted input.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (7 packages)

Ubuntu: jasper < 1.900.1-14ubuntu3.3+1
CVEListV5: the_jasper_project/jasper 2.0.6

Also affects: Enterprise Linux 7.3, 7.4, 7.6, 7.5

Patches

Vulnerability Details (3)

GHSA
GHSA-3f3w-h3vg-6wx9: An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2 (2022-05-13)
OSV
CVE-2016-9583: An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2 (2018-08-01)
CVEList
CVE-2016-9583: An out-of-bounds heap read vulnerability was found in the jpc_pi_nextpcrl() function of jasper before 2 (2018-08-01)

Vendor Advisories (1)

Red Hat
jasper: integer overflows leading to out of bounds read in packet iterators in JPC decoder (2016-12-09)

Community (5)

Bugzilla
CVE-2016-9583 jasper: integer overflows leading to out of bounds read in packet iterators in JPC decoder (2016-12-15)
Bugzilla
CVE-2016-9583 jasper: Out of bounds heap read in jpc_pi_nextpcrl() [epel-5] (2016-12-15)
Bugzilla
CVE-2016-9583 jasper: Out of bounds heap read in jpc_pi_nextpcrl() [fedora-all] (2016-12-15)
Bugzilla
CVE-2016-9583 mingw-jasper: jasper: Out of bounds heap read in jpc_pi_nextpcrl() [fedora-all] (2016-12-15)
Bugzilla
CVE-2016-9583 mingw-jasper: jasper: Out of bounds heap read in jpc_pi_nextpcrl() [epel-7] (2016-12-15)