Red Hat Security Advisory 2017-1208-01 - JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fix: Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code.
68e5ec71a7d55fddd3f5075f283c5a28ea2e0b1c9044cf97142f0c6b5e40ffcf
Debian Linux Security Advisory 3508-1 - Several vulnerabilities were discovered in JasPer, a library for manipulating JPEG-2000 files.
d72cd025ee8c1eebbea9a16ad7bf25444a0bbf771cc91a3c358473b215021d7c
Ubuntu Security Notice 2919-1 - Jacob Baines discovered that JasPer incorrectly handled ICC color profiles in JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. Tyler Hicks discovered that JasPer incorrectly handled memory when processing JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to consume memory, resulting in a denial of service. Various other issues were also addressed.
4b2016c3d459906f5ca1fdfbdddca0aafc51d672827b6de0e5dfaceda561a24c