Shodan
Vulnerabilities
Vulnerable Software
Jasper Project:  Security Vulnerabilities
CVE-2017-5498
libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-03-01
CVE-2017-5499
Integer overflow in libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file.
CVSS Score
5.5
EPSS Score
0.005
Published
2017-03-01
CVE-2017-5500
libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-03-01
CVE-2017-5501
Integer overflow in libjasper/jpc/jpc_tsfb.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-03-01
CVE-2017-5502
libjasper/jp2/jp2_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
CVSS Score
5.5
EPSS Score
0.002
Published
2017-03-01
CVE-2017-5503
The dec_clnpass function in libjasper/jpc/jpc_t1dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via a crafted image.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-03-01
CVE-2017-5504
The jpc_undo_roi function in libjasper/jpc/jpc_dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image.
CVSS Score
5.5
EPSS Score
0.005
Published
2017-03-01
CVE-2016-9560
Stack-based buffer overflow in the jpc_tsfb_getbands2 function in jpc_tsfb.c in JasPer before 1.900.30 allows remote attackers to have unspecified impact via a crafted image.
CVSS Score
7.8
EPSS Score
0.004
Published
2017-02-15
CVE-2016-8690
The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.5 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted BMP image in an imginfo command.
CVSS Score
5.5
EPSS Score
0.004
Published
2017-02-15
CVE-2016-8691
The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command.
CVSS Score
5.5
EPSS Score
0.005
Published
2017-02-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved