Shodan
Vulnerabilities
Vulnerable Software
Jasper Project:  >> Jasper  >> 1.900.1  Security Vulnerabilities
CVE-2016-8882
The jpc_dec_tilefini function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted file.
CVSS Score
5.5
EPSS Score
0.003
Published
2017-01-13
CVE-2016-8883
The jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.8 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-01-13
CVE-2016-2116
Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file.
CVSS Score
5.7
EPSS Score
0.095
Published
2016-04-13
CVE-2016-1577
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137.
CVSS Score
7.6
EPSS Score
0.091
Published
2016-04-13
CVE-2016-2089
The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted JPEG 2000 image.
CVSS Score
6.5
EPSS Score
0.008
Published
2016-02-08
CVE-2016-1867
The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
CVSS Score
6.5
EPSS Score
0.006
Published
2016-01-20
CVE-2014-8158
Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.
CVSS Score
6.8
EPSS Score
0.059
Published
2015-01-26
CVE-2014-8157
Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.
CVSS Score
7.5
EPSS Score
0.059
Published
2015-01-26
CVE-2014-8138
Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file.
CVSS Score
7.5
EPSS Score
0.059
Published
2014-12-24
CVE-2014-8137
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file.
CVSS Score
6.8
EPSS Score
0.315
Published
2014-12-24


Products
Pricing
Contact Us

Shodan ® - All rights reserved