| CVE-2017-9782 |
Low |
No |
Denial of service |
JasPer 2.0.12 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted image, related to the... |
| CVE-2017-6852 |
High |
Yes |
Arbitrary code execution |
A heap-based buffer overflow vulnerability has been discovered in jasper in jpc_dec_decodepkt (jpc_t2dec.c) that may lead to arbitrary code execution. |
| CVE-2017-6850 |
Medium |
Yes |
Denial of service |
A NULL pointer dereference vulnerability has been discovered in jasper in jp2_cdef_destroy (jp2_cod.c) leading to application crash. |
| CVE-2017-5505 |
Medium |
Yes |
Denial of service |
An invalid memory read in jas_matrix_asl (jas_seq.c) has been discovered that is triggered by a specially crafted file and is leading to denial of service. |
| CVE-2017-5504 |
Medium |
Yes |
Denial of service |
An invalid memory read in jpc_undo_roi (jpc_dec.c) has been discovered that is triggered by a specially crafted file leading to denial of service. |
| CVE-2017-5503 |
High |
Yes |
Arbitrary code execution |
An invalid memory write has been discovered in dec_clnpass (jpc_t1dec.c) triggered by a specially crafted file that may lead to arbitrary code execution. |