Shodan
Vulnerabilities
Vulnerable Software
Jasper Project:  >> Jasper  >> 1.900.11  Security Vulnerabilities
CVE-2016-9394
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-03-23
CVE-2016-9395
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.
CVSS Score
5.5
EPSS Score
0.003
Published
2017-03-23
CVE-2016-9396
The JPC_NOMINALGAIN function in jpc/jpc_t1cod.c in JasPer through 2.0.12 allows remote attackers to cause a denial of service (JPC_COX_RFT assertion failure) via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.02
Published
2017-03-23
CVE-2017-6850
The jp2_cdef_destroy function in jp2_cod.c in JasPer before 2.0.13 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted image.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-03-15
CVE-2017-6851
The jas_matrix_bindsub function in jas_seq.c in JasPer 2.0.10 allows remote attackers to cause a denial of service (invalid read) via a crafted image.
CVSS Score
5.5
EPSS Score
0.001
Published
2017-03-15
CVE-2017-6852
Heap-based buffer overflow in the jpc_dec_decodepkt function in jpc_t2dec.c in JasPer 2.0.10 allows remote attackers to have unspecified impact via a crafted image.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-03-15
CVE-2016-10249
Integer overflow in the jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.12 allows remote attackers to have unspecified impact via a crafted image file, which triggers a heap-based buffer overflow.
CVSS Score
7.8
EPSS Score
0.003
Published
2017-03-15
CVE-2016-10250
The jp2_colr_destroy function in jp2_cod.c in JasPer before 1.900.13 allows remote attackers to cause a denial of service (NULL pointer dereference) by leveraging incorrect cleanup of JP2 box data on error. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8887.
CVSS Score
7.5
EPSS Score
0.007
Published
2017-03-15
CVE-2016-10251
Integer overflow in the jpc_pi_nextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-03-15
CVE-2016-9560
Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image.
CVSS Score
7.8
EPSS Score
0.004
Published
2017-02-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved