There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/100514 | Third Party Advisory VDB Entry |
https://bugzilla.redhat.com/show_bug.cgi?id=1485276 | Exploit Issue Tracking Third Party Advisory |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N4ALB4SXHURLVWKAOKYRNJXPABW3M22M/ | |
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UPOVZTSIQPW2H4AFLMI3LHJEZGBVEQET/ | |
https://security.gentoo.org/glsa/201908-03 | Third Party Advisory |
Configurations
History
07 Nov 2023, 02:38
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
05 Feb 2021, 14:53
Type | Values Removed | Values Added |
---|---|---|
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UPOVZTSIQPW2H4AFLMI3LHJEZGBVEQET/ - Third Party Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/201908-03 - Third Party Advisory | |
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1485276 - Exploit, Issue Tracking, Third Party Advisory | |
References | (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N4ALB4SXHURLVWKAOKYRNJXPABW3M22M/ - Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/100514 - Third Party Advisory, VDB Entry | |
CPE | cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:* |
03 Feb 2021, 04:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
31 Jan 2021, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2017-08-29 06:29
Updated : 2023-12-10 12:15
NVD link : CVE-2017-13752
Mitre link : CVE-2017-13752
CVE.ORG link : CVE-2017-13752
JSON object : View
Products Affected
jasper_project
- jasper
fedoraproject
- fedora
CWE
CWE-617
Reachable Assertion