ID CVE-2016-2116
Summary Memory leak in the jas_iccprof_createfrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file.
References
Vulnerable Configurations
  • Canonical Ubuntu Linux 12.04 LTS
    cpe:2.3:o:canonical:ubuntu_linux:12.04:-:-:-:lts
  • Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts
  • Canonical Ubuntu Linux 15.10
    cpe:2.3:o:canonical:ubuntu_linux:15.10
  • Jasper Project Jasper 1.900.1
    cpe:2.3:a:jasper_project:jasper:1.900.1
CVSS
Base: 4.3 (as of 14-04-2016 - 11:35)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3508.NASL
    description Several vulnerabilities were discovered in JasPer, a library for manipulating JPEG-2000 files. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2016-1577 Jacob Baines discovered a double-free flaw in the jas_iccattrval_destroy function. A remote attacker could exploit this flaw to cause an application using the JasPer library to crash, or potentially, to execute arbitrary code with the privileges of the user running the application. - CVE-2016-2089 The Qihoo 360 Codesafe Team discovered a NULL pointer dereference flaw within the jas_matrix_clip function. A remote attacker could exploit this flaw to cause an application using the JasPer library to crash, resulting in a denial-of-service. - CVE-2016-2116 Tyler Hicks discovered a memory leak flaw in the jas_iccprof_createfrombuf function. A remote attacker could exploit this flaw to cause the JasPer library to consume memory, resulting in a denial-of-service.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 89698
    published 2016-03-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89698
    title Debian DSA-3508-1 : jasper - security update
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-1270.NASL
    description This update for jasper to version 1.900.14 fixes several issues. These security issues were fixed : - CVE-2008-3522: Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer might have allowed context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf (bsc#392410) - CVE-2015-5203: Double free corruption in JasPer JPEG-2000 implementation (bsc#941919). - CVE-2015-5221: Use-after-free (and double-free) in Jasper JPEG-200 (bsc#942553). - CVE-2016-1577: Double free vulnerability in the jas_iccattrval_destroy function in JasPer allowed remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137 (bsc#968373). - CVE-2016-2116: Memory leak in the jas_iccprof_createfrombuf function in JasPer allowed remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file (bsc#968373) - CVE-2016-8690: NULL pointer dereference in bmp_getdata triggered by crafted BMP image (bsc#1005084). - CVE-2016-8691, CVE-2016-8692: Missing range check on XRsiz and YRsiz fields of SIZ marker segment (bsc#1005090). - CVE-2016-8693: The memory stream interface allowed for a buffer size of zero. The case of a zero-sized buffer was not handled correctly, as it could lead to a double free (bsc#1005242). - CVE-2016-8880: Heap overflow in jpc_dec_cp_setfromcox() (bsc#1006591). - CVE-2016-8881: Heap overflow in jpc_getuint16() (bsc#1006593). - CVE-2016-8882: NULL pointer access in jpc_pi_destroy (bsc#1006597). - CVE-2016-8883: Assert triggered in jpc_dec_tiledecode() (bsc#1006598). - CVE-2016-8886: Memory allocation failure in jas_malloc (jas_malloc.c) (bsc#1006599). For additional change description please have a look at the changelog.
    last seen 2019-02-21
    modified 2018-06-29
    plugin id 94601
    published 2016-11-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94601
    title openSUSE Security Update : jasper (openSUSE-2016-1270)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-9B17661DE5.NASL
    description Security fix for CVE-2015-5203, CVE-2015-5221, CVE-2016-1867, CVE-2016-1577 and CVE-2016-2116. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-11-15
    plugin id 94840
    published 2016-11-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94840
    title Fedora 25 : jasper (2016-9b17661de5)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-1263.NASL
    description This update for jasper to version 1.900.14 fixes several issues. These security issues were fixed : - CVE-2008-3522: Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer might have allowed context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf (bsc#392410) - CVE-2015-5203: Double free corruption in JasPer JPEG-2000 implementation (bsc#941919). - CVE-2015-5221: Use-after-free (and double-free) in Jasper JPEG-200 (bsc#942553). - CVE-2016-1577: Double free vulnerability in the jas_iccattrval_destroy function in JasPer allowed remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137 (bsc#968373). - CVE-2016-2116: Memory leak in the jas_iccprof_createfrombuf function in JasPer allowed remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file (bsc#968373) - CVE-2016-8690: NULL pointer dereference in bmp_getdata triggered by crafted BMP image (bsc#1005084). - CVE-2016-8691, CVE-2016-8692: Missing range check on XRsiz and YRsiz fields of SIZ marker segment (bsc#1005090). - CVE-2016-8693: The memory stream interface allowed for a buffer size of zero. The case of a zero-sized buffer was not handled correctly, as it could lead to a double free (bsc#1005242). - CVE-2016-8880: Heap overflow in jpc_dec_cp_setfromcox() (bsc#1006591). - CVE-2016-8881: Heap overflow in jpc_getuint16() (bsc#1006593). - CVE-2016-8882: NULL pointer access in jpc_pi_destroy (bsc#1006597). - CVE-2016-8883: Assert triggered in jpc_dec_tiledecode() (bsc#1006598). - CVE-2016-8886: Memory allocation failure in jas_malloc (jas_malloc.c) (bsc#1006599). For additional change description please have a look at the changelog.
    last seen 2019-02-21
    modified 2017-02-27
    plugin id 94596
    published 2016-11-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94596
    title openSUSE Security Update : jasper (openSUSE-2016-1263)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-2775-1.NASL
    description This update for jasper to version 1.900.14 fixes several issues. These security issues were fixed : - CVE-2016-8887: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (bsc#1006836) - CVE-2016-8886: memory allocation failure in jas_malloc (jas_malloc.c) (bsc#1006599) - CVE-2016-8884,CVE-2016-8885: two NULL pointer dereferences in bmp_getdata (incomplete fix for CVE-2016-8690) (bsc#1007009) - CVE-2016-8883: assert in jpc_dec_tiledecode() (bsc#1006598) - CVE-2016-8882: segfault / NULL pointer access in jpc_pi_destroy (bsc#1006597) - CVE-2016-8881: Heap overflow in jpc_getuint16() (bsc#1006593) - CVE-2016-8880: Heap overflow in jpc_dec_cp_setfromcox() (bsc#1006591) - CVE-2016-8693 Double free vulnerability in mem_close (bsc#1005242) - CVE-2016-8691, CVE-2016-8692: Divide by zero in jpc_dec_process_siz (bsc#1005090) - CVE-2016-8690: NULL pointer dereference in bmp_getdata triggered by crafted BMP image (bsc#1005084) - CVE-2016-2116: Memory leak in the jas_iccprof_createfrombuf function in JasPer allowed remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file (bsc#968373) - CVE-2016-2089: invalid read in the JasPer's jas_matrix_clip() function (bsc#963983) - CVE-2016-1867: Out-of-bounds Read in the JasPer's jpc_pi_nextcprl() function (bsc#961886) - CVE-2015-5221: Use-after-free (and double-free) in Jasper JPEG-200 (bsc#942553). - CVE-2015-5203: Double free corruption in JasPer JPEG-2000 implementation (bsc#941919) - CVE-2008-3522: Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer might have allowed context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf (bsc#392410) - jasper: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (incomplete fix for CVE-2016-8887) (bsc#1006839) For additional change description please have a look at the changelog. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 94728
    published 2016-11-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94728
    title SUSE SLED12 / SLES12 Security Update : jasper (SUSE-SU-2016:2775-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-7776983633.NASL
    description Security fix for CVE-2015-5203, CVE-2015-5221, CVE-2016-1867, CVE-2016-1577 and CVE-2016-2116. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-10-18
    plugin id 92972
    published 2016-08-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92972
    title Fedora 24 : jasper (2016-7776983633)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-2919-1.NASL
    description Jacob Baines discovered that JasPer incorrectly handled ICC color profiles in JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. (CVE-2016-1577) Tyler Hicks discovered that JasPer incorrectly handled memory when processing JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to consume memory, resulting in a denial of service. (CVE-2016-2116). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 89660
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89660
    title Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : jasper vulnerabilities (USN-2919-1)
  • NASL family OracleVM Local Security Checks
    NASL id ORACLEVM_OVMSA-2017-0102.NASL
    description The remote OracleVM system is missing necessary patches to address critical security updates : - Bump release - Multiple security fixes (fixed by thoger): CVE-2015-5203 CVE-2015-5221 CVE-2016-1577 CVE-2016-1867 (CVE-2016-2089) CVE-2016-2116 CVE-2016-8654 CVE-2016-8690 CVE-2016-8691 (CVE-2016-8692) CVE-2016-8693 CVE-2016-8883 CVE-2016-8884 CVE-2016-8885 (CVE-2016-9262) CVE-2016-9387 CVE-2016-9388 CVE-2016-9389 CVE-2016-9390 (CVE-2016-9391) CVE-2016-9392 CVE-2016-9393 CVE-2016-9394 CVE-2016-9560 (CVE-2016-9583) CVE-2016-9591 CVE-2016-9600 CVE-2016-10248 CVE-2016-10249 (CVE-2016-10251) - Fix implicit declaration warning caused by security fixes above - CVE-2014-8157 - dec->numtiles off-by-one check in jpc_dec_process_sot (#1183672) - CVE-2014-8158 - unrestricted stack memory use in jpc_qmfb.c (#1183680) - CVE-2014-8137 - double-free in in jas_iccattrval_destroy (#1173567) - CVE-2014-8138 - heap overflow in jp2_decode (#1173567) - CVE-2014-9029 - incorrect component number check in COC, RGN and QCC marker segment decoders (#1171209)
    last seen 2019-02-21
    modified 2018-07-24
    plugin id 100116
    published 2017-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100116
    title OracleVM 3.3 / 3.4 : jasper (OVMSA-2017-0102)
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2017-1208.NASL
    description From Red Hat Security Advisory 2017:1208 : An update for jasper is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fix(es) : Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2016-8654, CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577, CVE-2016-8690, CVE-2016-8693, CVE-2016-8884, CVE-2016-8885, CVE-2016-9262, CVE-2016-9591) Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash. (CVE-2016-1867, CVE-2016-2089, CVE-2016-2116, CVE-2016-8691, CVE-2016-8692, CVE-2016-8883, CVE-2016-9387, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391, CVE-2016-9392, CVE-2016-9393, CVE-2016-9394, CVE-2016-9583, CVE-2016-9600, CVE-2016-10248, CVE-2016-10251) Red Hat would like to thank Liu Bingchang (IIE) for reporting CVE-2016-8654, CVE-2016-9583, CVE-2016-9591, and CVE-2016-9600; Gustavo Grieco for reporting CVE-2015-5203; and Josselin Feist for reporting CVE-2015-5221.
    last seen 2019-02-21
    modified 2018-07-25
    plugin id 100089
    published 2017-05-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100089
    title Oracle Linux 6 / 7 : jasper (ELSA-2017-1208)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20170509_JASPER_ON_SL6_X.NASL
    description Security Fix(es) : Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2016-8654, CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577, CVE-2016-8690, CVE-2016-8693, CVE-2016-8884, CVE-2016-8885, CVE-2016-9262, CVE-2016-9591) Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash. (CVE-2016-1867, CVE-2016-2089, CVE-2016-2116, CVE-2016-8691, CVE-2016-8692, CVE-2016-8883, CVE-2016-9387, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391, CVE-2016-9392, CVE-2016-9393, CVE-2016-9394, CVE-2016-9583, CVE-2016-9600, CVE-2016-10248, CVE-2016-10251)
    last seen 2019-02-21
    modified 2018-12-27
    plugin id 100120
    published 2017-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100120
    title Scientific Linux Security Update : jasper on SL6.x, SL7.x i386/x86_64
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1095.NASL
    description According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2016-8654, CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577, CVE-2016-8690, CVE-2016-8693, CVE-2016-8884, CVE-2016-8885, CVE-2016-9262, CVE-2016-9591) - Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash. (CVE-2016-1867, CVE-2016-2089, CVE-2016-2116, CVE-2016-8691, CVE-2016-8692, CVE-2016-8883, CVE-2016-9387, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391, CVE-2016-9392, CVE-2016-9393, CVE-2016-9394, CVE-2016-9583, CVE-2016-9600, CVE-2016-10248, CVE-2016-10251) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-14
    plugin id 100812
    published 2017-06-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100812
    title EulerOS 2.0 SP2 : jasper (EulerOS-SA-2017-1095)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-2776-1.NASL
    description This update for jasper fixes the following issues: Security fixes : - CVE-2016-8887: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (bsc#1006836) - CVE-2016-8886: memory allocation failure in jas_malloc (jas_malloc.c) (bsc#1006599) - CVE-2016-8884,CVE-2016-8885: two NULL pointer dereferences in bmp_getdata (incomplete fix for CVE-2016-8690) (bsc#1007009) - CVE-2016-8883: assert in jpc_dec_tiledecode() (bsc#1006598) - CVE-2016-8882: segfault / NULL pointer access in jpc_pi_destroy (bsc#1006597) - CVE-2016-8881: Heap overflow in jpc_getuint16() (bsc#1006593) - CVE-2016-8880: Heap overflow in jpc_dec_cp_setfromcox() (bsc#1006591) - CVE-2016-8693: Double free vulnerability in mem_close (bsc#1005242) - CVE-2016-8691, CVE-2016-8692: Divide by zero in jpc_dec_process_siz (bsc#1005090) - CVE-2016-8690: NULL pointer dereference in bmp_getdata triggered by crafted BMP image (bsc#1005084) - CVE-2016-2089: invalid read in the JasPer's jas_matrix_clip() function (bsc#963983) - CVE-2016-1867: Out-of-bounds Read in the JasPer's jpc_pi_nextcprl() function (bsc#961886) - CVE-2016-1577, CVE-2016-2116: double free vulnerability in the jas_iccattrval_destroy function (bsc#968373) - CVE-2015-5221: Use-after-free (and double-free) in Jasper JPEG-200 (bsc#942553) - CVE-2015-5203: Double free corruption in JasPer JPEG-2000 implementation (bsc#941919) - CVE-2008-3522: multiple integer overflows (bsc#392410) - bsc#1006839: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (incomplete fix for CVE-2016-8887) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 94729
    published 2016-11-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94729
    title SUSE SLES11 Security Update : jasper (SUSE-SU-2016:2776-1)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2016-BBECF64AF4.NASL
    description Fix broken ABI ---- Security fix for CVE-2015-5203, CVE-2015-5221, CVE-2016-1867, CVE-2016-1577 and CVE-2016-2116. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2016-10-18
    plugin id 93635
    published 2016-09-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=93635
    title Fedora 23 : jasper (2016-bbecf64af4)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-1208.NASL
    description An update for jasper is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fix(es) : Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2016-8654, CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577, CVE-2016-8690, CVE-2016-8693, CVE-2016-8884, CVE-2016-8885, CVE-2016-9262, CVE-2016-9591) Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash. (CVE-2016-1867, CVE-2016-2089, CVE-2016-2116, CVE-2016-8691, CVE-2016-8692, CVE-2016-8883, CVE-2016-9387, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391, CVE-2016-9392, CVE-2016-9393, CVE-2016-9394, CVE-2016-9583, CVE-2016-9600, CVE-2016-10248, CVE-2016-10251) Red Hat would like to thank Liu Bingchang (IIE) for reporting CVE-2016-8654, CVE-2016-9583, CVE-2016-9591, and CVE-2016-9600; Gustavo Grieco for reporting CVE-2015-5203; and Josselin Feist for reporting CVE-2015-5221.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 100093
    published 2017-05-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100093
    title RHEL 6 / 7 : jasper (RHSA-2017:1208)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2016-1309.NASL
    description This update for jasper to version 1.900.14 fixes several issues. These security issues were fixed : - CVE-2016-8887: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (bsc#1006836) - CVE-2016-8886: memory allocation failure in jas_malloc (jas_malloc.c) (bsc#1006599) - CVE-2016-8884,CVE-2016-8885: two NULL pointer dereferences in bmp_getdata (incomplete fix for CVE-2016-8690) (bsc#1007009) - CVE-2016-8883: assert in jpc_dec_tiledecode() (bsc#1006598) - CVE-2016-8882: segfault / NULL pointer access in jpc_pi_destroy (bsc#1006597) - CVE-2016-8881: Heap overflow in jpc_getuint16() (bsc#1006593) - CVE-2016-8880: Heap overflow in jpc_dec_cp_setfromcox() (bsc#1006591) - CVE-2016-8693 Double free vulnerability in mem_close (bsc#1005242) - CVE-2016-8691, CVE-2016-8692: Divide by zero in jpc_dec_process_siz (bsc#1005090) - CVE-2016-8690: NULL pointer dereference in bmp_getdata triggered by crafted BMP image (bsc#1005084) - CVE-2016-2116: Memory leak in the jas_iccprof_createfrombuf function in JasPer allowed remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file (bsc#968373) - CVE-2016-2089: invalid read in the JasPer's jas_matrix_clip() function (bsc#963983) - CVE-2016-1867: Out-of-bounds Read in the JasPer's jpc_pi_nextcprl() function (bsc#961886) - CVE-2015-5221: Use-after-free (and double-free) in Jasper JPEG-200 (bsc#942553). - CVE-2015-5203: Double free corruption in JasPer JPEG-2000 implementation (bsc#941919) - CVE-2008-3522: Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer might have allowed context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf (bsc#392410) - jasper: NULL pointer dereference in jp2_colr_destroy (jp2_cod.c) (incomplete fix for CVE-2016-8887) (bsc#1006839) For additional change description please have a look at the changelog. This update was imported from the SUSE:SLE-12:Update update project.
    last seen 2019-02-21
    modified 2017-02-27
    plugin id 94945
    published 2016-11-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=94945
    title openSUSE Security Update : jasper (openSUSE-2016-1309)
  • NASL family Virtuozzo Local Security Checks
    NASL id VIRTUOZZO_VZLSA-2017-1208.NASL
    description An update for jasper is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fix(es) : Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2016-8654, CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577, CVE-2016-8690, CVE-2016-8693, CVE-2016-8884, CVE-2016-8885, CVE-2016-9262, CVE-2016-9591) Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash. (CVE-2016-1867, CVE-2016-2089, CVE-2016-2116, CVE-2016-8691, CVE-2016-8692, CVE-2016-8883, CVE-2016-9387, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391, CVE-2016-9392, CVE-2016-9393, CVE-2016-9394, CVE-2016-9583, CVE-2016-9600, CVE-2016-10248, CVE-2016-10251) Red Hat would like to thank Liu Bingchang (IIE) for reporting CVE-2016-8654, CVE-2016-9583, CVE-2016-9591, and CVE-2016-9600; Gustavo Grieco for reporting CVE-2015-5203; and Josselin Feist for reporting CVE-2015-5221. Note that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-27
    plugin id 101464
    published 2017-07-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=101464
    title Virtuozzo 6 : jasper / jasper-devel / jasper-libs / jasper-utils (VZLSA-2017-1208)
  • NASL family Amazon Linux Local Security Checks
    NASL id ALA_ALAS-2017-836.NASL
    description Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. ( CVE-2016-8654 , CVE-2016-9560 , CVE-2016-10249 , CVE-2015-5203 , CVE-2015-5221 , CVE-2016-1577 , CVE-2016-8690 , CVE-2016-8693 , CVE-2016-8884 , CVE-2016-8885 , CVE-2016-9262 , CVE-2016-9591 ) Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash. (CVE-2016-1867 , CVE-2016-2089 , CVE-2016-2116 , CVE-2016-8691 , CVE-2016-8692 , CVE-2016-8883 , CVE-2016-9387 , CVE-2016-9388 , CVE-2016-9389 , CVE-2016-9390 , CVE-2016-9391 , CVE-2016-9392 , CVE-2016-9393 , CVE-2016-9394 , CVE-2016-9583 , CVE-2016-9600 , CVE-2016-10248 , CVE-2016-10251)
    last seen 2019-02-21
    modified 2018-04-18
    plugin id 100637
    published 2017-06-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100637
    title Amazon Linux AMI : jasper (ALAS-2017-836)
  • NASL family Huawei Local Security Checks
    NASL id EULEROS_SA-2017-1094.NASL
    description According to the versions of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2016-8654, CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577, CVE-2016-8690, CVE-2016-8693, CVE-2016-8884, CVE-2016-8885, CVE-2016-9262, CVE-2016-9591) - Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash. (CVE-2016-1867, CVE-2016-2089, CVE-2016-2116, CVE-2016-8691, CVE-2016-8692, CVE-2016-8883, CVE-2016-9387, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391, CVE-2016-9392, CVE-2016-9393, CVE-2016-9394, CVE-2016-9583, CVE-2016-9600, CVE-2016-10248, CVE-2016-10251) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-29
    plugin id 100811
    published 2017-06-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100811
    title EulerOS 2.0 SP1 : jasper (EulerOS-SA-2017-1094)
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2017-1208.NASL
    description An update for jasper is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard. Security Fix(es) : Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2016-8654, CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577, CVE-2016-8690, CVE-2016-8693, CVE-2016-8884, CVE-2016-8885, CVE-2016-9262, CVE-2016-9591) Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash. (CVE-2016-1867, CVE-2016-2089, CVE-2016-2116, CVE-2016-8691, CVE-2016-8692, CVE-2016-8883, CVE-2016-9387, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391, CVE-2016-9392, CVE-2016-9393, CVE-2016-9394, CVE-2016-9583, CVE-2016-9600, CVE-2016-10248, CVE-2016-10251) Red Hat would like to thank Liu Bingchang (IIE) for reporting CVE-2016-8654, CVE-2016-9583, CVE-2016-9591, and CVE-2016-9600; Gustavo Grieco for reporting CVE-2015-5203; and Josselin Feist for reporting CVE-2015-5221.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 100174
    published 2017-05-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100174
    title CentOS 6 / 7 : jasper (CESA-2017:1208)
redhat via4
advisories
rhsa
id RHSA-2017:1208
rpms
  • jasper-0:1.900.1-30.el7_3
  • jasper-devel-0:1.900.1-30.el7_3
  • jasper-libs-0:1.900.1-30.el7_3
  • jasper-utils-0:1.900.1-30.el7_3
  • jasper-0:1.900.1-21.el6_9
  • jasper-devel-0:1.900.1-21.el6_9
  • jasper-libs-0:1.900.1-21.el6_9
  • jasper-utils-0:1.900.1-21.el6_9
refmap via4
bid 84133
confirm https://bugs.launchpad.net/ubuntu/+source/jasper/+bug/1547865
debian DSA-3508
mlist [oss-security] 20160303 Security issues in JasPer (CVE-2016-1577 and CVE-2016-2116)
ubuntu USN-2919-1
Last major update 02-12-2016 - 22:24
Published 13-04-2016 - 10:59
Last modified 04-01-2018 - 21:30
Back to Top