CVE-2016-10249 log
| Source |
|
| Severity | High |
| Remote | Yes |
| Type | Arbitrary code execution |
| Description | A heap-based buffer overflow vulnerability has been discovered in jasper in jpc_dec_tiledecode (jpc_dec.c) leading to arbitrary code execution. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-207 | jasper | 1.900.9-1 | 1.900.20-1 | High | Fixed |
| References |
|---|
https://blogs.gentoo.org/ago/2016/10/23/jasper-heap-based-buffer-overflow-in-jpc_dec_tiledecode-jpc_dec-c/ https://github.com/mdadams/jasper/commit/988f8365f7d8ad8073b6786e433d34c553ecf568 |