PT-2017-13073 · Jasper · Jasper

Publicado

2017-08-29

·

Atualizado

2021-02-05

·

CVE-2017-13751

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions JasPer version 2.0.12
Description The issue is related to a reachable assertion abort in the function calcstepsizes() in jpc/jpc dec.c, which can lead to a remote denial of service attack.
Recommendations For JasPer version 2.0.12, consider disabling the calcstepsizes() function as a temporary workaround until a patch is available.

Exploit

Correção

Assertion Failure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-617

Identificadores relacionados

CVE-2017-13751
MGASA-2020-0337

Produtos afetados

Jasper