CVE-2017-5501

CWE-190Integer Overflow6 documents6 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 68.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Jasper Project Jasper
Timeline
PublishedMar 1
Latest updateMay 17

Description

Integer overflow in libjasper/jpc/jpc_tsfb.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages1 packages

NVDjasper_project/jasper1.900.17

🔴Vulnerability Details

3
GHSA
GHSA-2x75-cc38-3wrx: Integer overflow in libjasper/jpc/jpc_tsfb2022-05-17
OSV
CVE-2017-5501: Integer overflow in libjasper/jpc/jpc_tsfb2017-03-01
CVEList
CVE-2017-5501: Integer overflow in libjasper/jpc/jpc_tsfb2017-03-01

📋Vendor Advisories

1
Red Hat
jasper: Signed integer overflow in jpc_tsfb_getbands2() in jpc_tsfb.c2016-10-28

💬Community

1
Bugzilla
CVE-2017-5501 jasper: Signed integer overflow in jpc_tsfb_getbands2() in jpc_tsfb.c2017-01-24
CVE-2017-5501 (MEDIUM CVSS 5.5) | Integer overflow in libjasper/jpc/j | cvebase.io