Showing 1 - 3 of 3

CVE-2016-2116

Status Candidate

Overview

Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file.

Related Files

Red Hat Security Advisory 2017-1208-01: Posted May 10, 2017; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2017-1208-01 - JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fix: Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code.; tags | advisory, arbitrary; systems | linux, redhat; advisories | CVE-2015-5203, CVE-2015-5221, CVE-2016-10248, CVE-2016-10249, CVE-2016-10251, CVE-2016-1577, CVE-2016-1867, CVE-2016-2089, CVE-2016-2116, CVE-2016-8654, CVE-2016-8690, CVE-2016-8691, CVE-2016-8692, CVE-2016-8693, CVE-2016-8883, CVE-2016-8884, CVE-2016-8885, CVE-2016-9262, CVE-2016-9387, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391, CVE-2016-9392, CVE-2016-9393, CVE-2016-9394, CVE-2016-9560, CVE-2016-9583; SHA-256 | 68e5ec71a7d55fddd3f5075f283c5a28ea2e0b1c9044cf97142f0c6b5e40ffcf; Download | Favorite | View

Debian Security Advisory 3508-1: Posted Mar 7, 2016; Authored by Debian | Site debian.org; Debian Linux Security Advisory 3508-1 - Several vulnerabilities were discovered in JasPer, a library for manipulating JPEG-2000 files.; tags | advisory, vulnerability; systems | linux, debian; advisories | CVE-2016-1577, CVE-2016-2089, CVE-2016-2116; SHA-256 | d72cd025ee8c1eebbea9a16ad7bf25444a0bbf771cc91a3c358473b215021d7c; Download | Favorite | View

Ubuntu Security Notice USN-2919-1: Posted Mar 3, 2016; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 2919-1 - Jacob Baines discovered that JasPer incorrectly handled ICC color profiles in JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. Tyler Hicks discovered that JasPer incorrectly handled memory when processing JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to consume memory, resulting in a denial of service. Various other issues were also addressed.; tags | advisory, remote, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2016-1577, CVE-2016-2116; SHA-256 | 4b2016c3d459906f5ca1fdfbdddca0aafc51d672827b6de0e5dfaceda561a24c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 194 files
Ubuntu 67 files
Debian 24 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
malvuln 4 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,011)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,194)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,473)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,437)
UNIX (9,390)
UnixWare (187)
Windows (6,649)
Other

CVE-2016-2116

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems