Severity |
|
Remote |
|
Type |
|
Description |
+ |
A memory allocation failure was found in jas_malloc triggered by a crafted file that results in an application crash leading to denial of service. |
|
References |
+ |
http://seclists.org/oss-sec/2016/q4/214 |
+ |
https://blogs.gentoo.org/ago/2016/10/18/jasper-memory-allocation-failure-in-jas_malloc-jas_malloc-c |
+ |
https://github.com/mdadams/jasper/commit/65536647d380571d1a9a6c91fa03775fb5bbd256 |
|
Notes |
+ |
Fixed in version 1.900.11 via commit https://github.com/mdadams/jasper/commit/65536647d380571d1a9a6c91fa03775fb5bbd256 now part of version-2.0.12 |
|