| CVE-2016-9560 |
Critical |
Yes |
Arbitrary code execution |
A stack buffer overflow vulnerability has been discovered in jpc/jpc_dec.c duo to an out of bounds array write triggered by a crafted image. |
| CVE-2016-9557 |
Medium |
Yes |
Denial of service |
A signed integer overflow vulnerability has been discovered in jas_image.c triggered by a crafted image. An option max_samples has been added to the BMP and... |
| CVE-2016-9388 |
Medium |
Yes |
Denial of service |
An improper error handling was found in the RAS encoder/decoder triggering assertion tests that result in denial of service. |
| CVE-2016-9387 |
Medium |
Yes |
Denial of service |
An integer overflow in jpc_dec_process_siz was found that can be triggered by crafted image file when given as input to imginfo. |
| CVE-2016-9262 |
High |
Yes |
Arbitrary code execution |
A number of overflows were found in jasper causing use after free vulnerability triggered by a crafted image. |
| CVE-2016-8887 |
Medium |
Yes |
Denial of service |
A null pointer dereference vulnerability was found in jp2_colr_destroy in jp2_cod.c leading to application crash. |
| CVE-2016-8885 |
Medium |
Yes |
Denial of service |
A null pointer dereference vulnerability has been discovered in bmp_getdata in bmp_dec.c. |
| CVE-2016-8884 |
Medium |
Yes |
Denial of service |
A null pointer dereference vulnerability has been discovered in bmp_getdata in bmp_dec.c. |
| CVE-2016-8693 |
Medium |
Yes |
Denial of service |
A double free vulnerability was found in mem_close in jas_stream.c triggered by invoking imginfo command on specially crafted image file. |
| CVE-2016-8692 |
Medium |
Yes |
Denial of service |
A division by zero vulnerability was found in jpc_dec_process_siz triggered by invoking imginfo command on specially crafted file. |
| CVE-2016-8691 |
Medium |
Yes |
Denial of service |
A division by zero vulnerability was found in jpc_dec_process_siz triggered by invoking imginfo command on specially crafted file. |
| CVE-2016-8690 |
Medium |
Yes |
Denial of service |
A null pointer dereference vulnerability was found in bmp_getdata triggered by invoking imginfo command on specially crafted BMP image. |
| CVE-2016-2089 |
Medium |
Yes |
Denial of service |
The jas_matrix_clip function in jas_seq.c allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted JPEG 2000 image. |
| CVE-2015-8751 |
Medium |
Yes |
Denial of service |
An integer overflow flaw was found in the way the JasPer's library jas_matrix_create() function parsed certain JPEG 2000 image files. A specially crafted... |
| CVE-2015-5203 |
High |
Yes |
Arbitrary code execution |
A double free flaw was found in the way JasPer's jasper_image_stop_load() function parsed certain JPEG 2000 image files. A specially crafted file could... |