Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2011-4517 | 6.8 |
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a deni
|
20-12-2023 - 18:29 | 15-12-2011 - 03:57 | |
CVE-2011-4516 | 6.8 |
Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding st
|
20-12-2023 - 18:29 | 15-12-2011 - 03:57 | |
CVE-2014-3566 | 4.3 |
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
|
12-09-2023 - 14:55 | 15-10-2014 - 00:55 | |
CVE-2014-8157 | 7.5 |
Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overf
|
30-10-2018 - 16:27 | 26-01-2015 - 15:59 | |
CVE-2014-8158 | 6.8 |
Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.
|
30-10-2018 - 16:27 | 26-01-2015 - 15:59 | |
CVE-2014-9029 | 7.5 |
Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based bu
|
09-10-2018 - 19:54 | 08-12-2014 - 16:59 | |
CVE-2014-8137 | 6.8 |
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file.
|
05-01-2018 - 02:29 | 24-12-2014 - 18:59 | |
CVE-2014-8138 | 7.5 |
Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file.
|
05-01-2018 - 02:29 | 24-12-2014 - 18:59 | |
CVE-2008-3520 | 9.3 |
Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation.
|
29-09-2017 - 01:31 | 02-10-2008 - 18:18 | |
CVE-2008-3522 | 10.0 |
Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.
|
08-08-2017 - 01:31 | 02-10-2008 - 18:18 |