Jasper Project Jasper vulnerabilities

CVE-2016-9560 [HIGH] CWE-787 CVE-2016-9560: Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900. Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image.

CVE-2016-8693 [HIGH] CWE-415 CVE-2016-8693: Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command.

CVE-2016-8691 [MEDIUM] CWE-369 CVE-2016-8691: The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote a The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command.

CVE-2016-8692 [MEDIUM] CWE-369 CVE-2016-8692: The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote a The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted YRsiz value in a BMP image to the imginfo command.

CVE-2016-8690 [MEDIUM] CWE-476 CVE-2016-8690: The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo command.

CVE-2016-8882 [MEDIUM] CWE-476 CVE-2016-8882: The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote atta The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.

CVE-2016-8883 [MEDIUM] CWE-399 CVE-2016-8883: The jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cau The jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.

CVE-2016-1577 [HIGH] CVE-2016-1577: Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allow Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137.

CVE-2016-2116 [MEDIUM] CWE-399 CVE-2016-2116: Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote at Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file.

CVE-2016-2089 [MEDIUM] CWE-20 CVE-2016-2089: The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows remote attackers to cause a denia The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted JPEG 2000 image.

CVE-2016-1867 [MEDIUM] CWE-119 CVE-2016-1867: The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.

CVE-2014-8157 [HIGH] CWE-189 CVE-2014-8157: Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote att Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.

CVE-2014-8158 [MEDIUM] CWE-119 CVE-2014-8158: Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attac Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.

CVE-2014-8138 [HIGH] CWE-119 CVE-2014-8138: Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote at Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file.

CVE-2014-8137 [MEDIUM] CVE-2014-8137: Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allow Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file.

CVE-2014-9029 [HIGH] CWE-189 CVE-2014-9029: Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based buffer overflow.

CVE-2011-4516 [MEDIUM] CWE-787 CVE-2011-4516: Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file.

CVE-2011-4517 [MEDIUM] CWE-787 CVE-2011-4517: The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data typ The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a

CVE-2008-3520 [CRITICAL] CWE-189 CVE-2008-3520: Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unkn Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation.

CVE-2008-3522 [CRITICAL] CWE-119 CVE-2008-3522: Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 m Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.