The calcstepsizes function in jpc_dec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html | Mailing List Third Party Advisory |
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00085.html | Mailing List Third Party Advisory |
http://www.openwall.com/lists/oss-security/2016/11/17/1 | Mailing List Patch Third Party Advisory |
http://www.securityfocus.com/bid/94380 | Third Party Advisory VDB Entry |
https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure | Patch Third Party Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=1396981 | Issue Tracking Patch Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4ALB4SXHURLVWKAOKYRNJXPABW3M22M/ | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPOVZTSIQPW2H4AFLMI3LHJEZGBVEQET/ |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
07 Nov 2023, 02:37
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
22 Feb 2021, 14:18
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:* cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* |
|
CWE | CWE-617 | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00085.html - Mailing List, Third Party Advisory | |
References | (CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=1396981 - Issue Tracking, Patch, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPOVZTSIQPW2H4AFLMI3LHJEZGBVEQET/ - Mailing List, Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00082.html - Mailing List, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N4ALB4SXHURLVWKAOKYRNJXPABW3M22M/ - Mailing List, Third Party Advisory | |
References | (MLIST) http://www.openwall.com/lists/oss-security/2016/11/17/1 - Mailing List, Patch, Third Party Advisory |
03 Feb 2021, 04:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
31 Jan 2021, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2017-03-23 18:59
Updated : 2023-12-10 12:01
NVD link : CVE-2016-9399
Mitre link : CVE-2016-9399
CVE.ORG link : CVE-2016-9399
JSON object : View
Products Affected
jasper_project
- jasper
fedoraproject
- fedora
opensuse
- leap
CWE
CWE-617
Reachable Assertion