| Severity |
|
| Remote |
|
| Type |
|
| Description |
| + |
A memory allocation failure was found in jas_malloc triggered by a crafted file that results in an application crash leading to denial of service. |
|
| References |
| + |
http://seclists.org/oss-sec/2016/q4/214 |
| + |
https://blogs.gentoo.org/ago/2016/10/18/jasper-memory-allocation-failure-in-jas_malloc-jas_malloc-c |
| + |
https://github.com/mdadams/jasper/commit/65536647d380571d1a9a6c91fa03775fb5bbd256 |
|
| Notes |
| + |
Fixed in version 1.900.11 via commit https://github.com/mdadams/jasper/commit/65536647d380571d1a9a6c91fa03775fb5bbd256 now part of version-2.0.12 |
|