Vulnerability Details CVE-2016-9591
JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.0%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.3
References
- http://www.securityfocus.com/bid/94952
- https://access.redhat.com/errata/RHSA-2017:1208
- https://bugzilla.redhat.com/show_bug.cgi?id=1406405
- https://security.gentoo.org/glsa/201707-07
- https://www.debian.org/security/2017/dsa-3827
- http://www.securityfocus.com/bid/94952
- https://access.redhat.com/errata/RHSA-2017:1208
- https://bugzilla.redhat.com/show_bug.cgi?id=1406405
- https://security.gentoo.org/glsa/201707-07
- https://www.debian.org/security/2017/dsa-3827
Products affected by CVE-2016-9591
-
cpe:2.3:a:jasper_project:jasper:-
-
cpe:2.3:a:jasper_project:jasper:1.900.1
-
cpe:2.3:a:jasper_project:jasper:1.900.10
-
cpe:2.3:a:jasper_project:jasper:1.900.11
-
cpe:2.3:a:jasper_project:jasper:1.900.12
-
cpe:2.3:a:jasper_project:jasper:1.900.13
-
cpe:2.3:a:jasper_project:jasper:1.900.14
-
cpe:2.3:a:jasper_project:jasper:1.900.15
-
cpe:2.3:a:jasper_project:jasper:1.900.16
-
cpe:2.3:a:jasper_project:jasper:1.900.17
-
cpe:2.3:a:jasper_project:jasper:1.900.18
-
cpe:2.3:a:jasper_project:jasper:1.900.19
-
cpe:2.3:a:jasper_project:jasper:1.900.2
-
cpe:2.3:a:jasper_project:jasper:1.900.20
-
cpe:2.3:a:jasper_project:jasper:1.900.21
-
cpe:2.3:a:jasper_project:jasper:1.900.22
-
cpe:2.3:a:jasper_project:jasper:1.900.23
-
cpe:2.3:a:jasper_project:jasper:1.900.24
-
cpe:2.3:a:jasper_project:jasper:1.900.25
-
cpe:2.3:a:jasper_project:jasper:1.900.26
-
cpe:2.3:a:jasper_project:jasper:1.900.27
-
cpe:2.3:a:jasper_project:jasper:1.900.28
-
cpe:2.3:a:jasper_project:jasper:1.900.29
-
cpe:2.3:a:jasper_project:jasper:1.900.3
-
cpe:2.3:a:jasper_project:jasper:1.900.30
-
cpe:2.3:a:jasper_project:jasper:1.900.31
-
cpe:2.3:a:jasper_project:jasper:1.900.4
-
cpe:2.3:a:jasper_project:jasper:1.900.5
-
cpe:2.3:a:jasper_project:jasper:1.900.6
-
cpe:2.3:a:jasper_project:jasper:1.900.7
-
cpe:2.3:a:jasper_project:jasper:1.900.8
-
cpe:2.3:a:jasper_project:jasper:1.900.9
-
cpe:2.3:a:jasper_project:jasper:2.0.0
-
cpe:2.3:a:jasper_project:jasper:2.0.1
-
cpe:2.3:a:jasper_project:jasper:2.0.10
-
cpe:2.3:a:jasper_project:jasper:2.0.11
-
cpe:2.3:a:jasper_project:jasper:2.0.2
-
cpe:2.3:a:jasper_project:jasper:2.0.3
-
cpe:2.3:a:jasper_project:jasper:2.0.4
-
cpe:2.3:a:jasper_project:jasper:2.0.5
-
cpe:2.3:a:jasper_project:jasper:2.0.6
-
cpe:2.3:a:jasper_project:jasper:2.0.7
-
cpe:2.3:a:jasper_project:jasper:2.0.8
-
cpe:2.3:a:jasper_project:jasper:2.0.9
-
cpe:2.3:o:debian:debian_linux:8.0
-
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
-
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
-
cpe:2.3:o:redhat:enterprise_linux_server:6.0
-
cpe:2.3:o:redhat:enterprise_linux_server:7.0
-
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3
-
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4
-
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0
-
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0