The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2016/11/17/1 | Mailing List Patch Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/94373 | Third Party Advisory VDB Entry |
https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure | Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=1396979 | Issue Tracking Third Party Advisory VDB Entry |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4ALB4SXHURLVWKAOKYRNJXPABW3M22M/ | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPOVZTSIQPW2H4AFLMI3LHJEZGBVEQET/ |
Configurations
History
07 Nov 2023, 02:37
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
22 Feb 2021, 14:19
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-617 | |
CPE | cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* |
|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPOVZTSIQPW2H4AFLMI3LHJEZGBVEQET/ - Mailing List, Third Party Advisory | |
References | (MISC) https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure - Third Party Advisory | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2016/11/17/1 - Mailing List, Patch, Third Party Advisory, VDB Entry | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N4ALB4SXHURLVWKAOKYRNJXPABW3M22M/ - Mailing List, Third Party Advisory |
03 Feb 2021, 04:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
31 Jan 2021, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2017-03-23 18:59
Updated : 2023-12-10 12:01
NVD link : CVE-2016-9397
Mitre link : CVE-2016-9397
CVE.ORG link : CVE-2016-9397
JSON object : View
Products Affected
jasper_project
- jasper
fedoraproject
- fedora
CWE
CWE-617
Reachable Assertion