Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2016-10249 - log back

CVE-2016-10249 created at 25 Sep 2019 19:31:40

Severity

+

High

Remote

+

Remote

Type

+	Arbitrary code execution

Description

+	A heap-based buffer overflow vulnerability has been discovered in jasper in jpc_dec_tiledecode (jpc_dec.c) leading to arbitrary code execution.

References

+	https://blogs.gentoo.org/ago/2016/10/23/jasper-heap-based-buffer-overflow-in-jpc_dec_tiledecode-jpc_dec-c/
+	https://github.com/mdadams/jasper/commit/988f8365f7d8ad8073b6786e433d34c553ecf568

Notes