CVE-2016-8654
Description
A heap-buffer overflow vulnerability was found in QMFB code in JPC codec caused by buffer being allocated with too small size. jasper versions before 2.0.0 are affected.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.234
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Library for manipulating JPEG-2000 files (USN-3295-1) libjasper1_1.900.1-14ubuntu3.4_i386.deb | Linux |
| Library for manipulating JPEG-2000 files (USN-3295-1) libjasper1_1.900.1-14ubuntu3.4_amd64.deb | Linux |
| Library for manipulating JPEG-2000 files (USN-3295-1) libjasper1_1.900.1-debian1-2.4ubuntu1.1_i386.deb | Linux |
| Library for manipulating JPEG-2000 files (USN-3295-1) libjasper1_1.900.1-debian1-2.4ubuntu1.1_amd64.deb | Linux |
| Jasper update (ELSA-2017-1208) jasper-1.900.1-21.el6_9.x86_64.rpm | Linux |
| Jasper-devel update (ELSA-2017-1208) jasper-devel-1.900.1-21.el6_9.x86_64.rpm | Linux |
| Jasper-libs update (ELSA-2017-1208) jasper-libs-1.900.1-21.el6_9.x86_64.rpm | Linux |
| Jasper-utils update (ELSA-2017-1208) jasper-utils-1.900.1-21.el6_9.x86_64.rpm | Linux |
| Jasper update (ELSA-2017-1208) jasper-1.900.1-21.el6_9.i686.rpm | Linux |
| Jasper-devel update (ELSA-2017-1208) jasper-devel-1.900.1-21.el6_9.i686.rpm | Linux |
| Jasper-libs update (ELSA-2017-1208) jasper-libs-1.900.1-21.el6_9.i686.rpm | Linux |
| Jasper-utils update (ELSA-2017-1208) jasper-utils-1.900.1-21.el6_9.i686.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234