CVE-2016-9387 log

Source
Severity Medium
Remote Yes
Type Denial of service
Description
An integer overflow in jpc_dec_process_siz was found that can be triggered by crafted image file when given as input to imginfo.
Group Package Affected Fixed Severity Status Ticket
AVG-14 jasper 1.900.1-15 1.900.31-1 Critical Fixed
Date Advisory Group Package Severity Description
07 Dec 2016 ASA-201612-9 AVG-14 jasper Critical multiple issues
References
https://github.com/mdadams/jasper/commit/d91198abd00fc435a397fe6bad906a4c1748e9cf
http://seclists.org/oss-sec/2016/q4/441