CVE-2016-2089
- EPSS 2.56%
- Veröffentlicht 08.02.2016 19:59:06
- Zuletzt bearbeitet 06.05.2026 22:30:45
The jas_matrix_clip function in jas_seq.c in JasPer 1.900.1 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted JPEG 2000 image.
CVE-2016-1867
- EPSS 2.31%
- Veröffentlicht 20.01.2016 16:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
The jpc_pi_nextcprl function in JasPer 1.900.1 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG 2000 image.
CVE-2014-8158
- EPSS 14.45%
- Veröffentlicht 26.01.2015 15:59:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.
CVE-2014-8157
- EPSS 16.86%
- Veröffentlicht 26.01.2015 15:59:04
- Zuletzt bearbeitet 06.05.2026 22:30:45
Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overf...
CVE-2014-8138
- EPSS 18.5%
- Veröffentlicht 24.12.2014 18:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
Heap-based buffer overflow in the jp2_decode function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 file.
CVE-2014-8137
- EPSS 14.55%
- Veröffentlicht 24.12.2014 18:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file.
CVE-2014-9029
- EPSS 18.4%
- Veröffentlicht 08.12.2014 16:59:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to execute arbitrary code via a crafted jp2 file, which triggers a heap-based bu...
CVE-2011-4516
- EPSS 10.62%
- Veröffentlicht 15.12.2011 03:57:34
- Zuletzt bearbeitet 16.06.2026 23:34:58
Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding st...
CVE-2011-4517
- EPSS 10.62%
- Veröffentlicht 15.12.2011 03:57:34
- Zuletzt bearbeitet 16.06.2026 23:34:58
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a deni...
CVE-2008-3520
- EPSS 3.21%
- Veröffentlicht 02.10.2008 18:18:05
- Zuletzt bearbeitet 16.06.2026 22:55:58
Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation.