CVE-2016-9387 log
| Source |
|
| Severity | Medium |
| Remote | Yes |
| Type | Denial of service |
| Description | An integer overflow in jpc_dec_process_siz was found that can be triggered by crafted image file when given as input to imginfo. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-14 | jasper | 1.900.1-15 | 1.900.31-1 | Critical | Fixed |
| Date | Advisory | Group | Package | Severity | Type |
|---|---|---|---|---|---|
| 07 Dec 2016 | ASA-201612-9 | AVG-14 | jasper | Critical | multiple issues |
| References |
|---|
https://github.com/mdadams/jasper/commit/d91198abd00fc435a397fe6bad906a4c1748e9cf http://seclists.org/oss-sec/2016/q4/441 |