PT-2007-7508 · Netpbm+2 · Netpbm-Progs+6
Published: 1970-01-01 · Updated: 2017-10-11
CVE-2007-2721
CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
libjasper-dev versions prior to 1.900
netpbm-progs versions 10.25 through 10.35
netpbm versions 10.25 through 10.35
netpbm-devel versions 10.25 through 10.35
libjasper-runtime (affected versions not specified)
libjasper1 (affected versions not specified)
Description
The issue involves multiple vulnerabilities in the listed packages that can compromise the confidentiality, integrity, and availability of protected information. These vulnerabilities can be exploited remotely. Specifically, the jpc_qcx_getcompparms function in the JasPer JPEG-2000 library is vulnerable to remote user-assisted attacks, potentially causing a denial of service and heap corruption via malformed image files.
Recommendations
For libjasper-dev versions prior to 1.900, update to version 1.900 or later.
For netpbm-progs versions 10.25 through 10.35, update to a version outside of this range.
For netpbm versions 10.25 through 10.35, update to a version outside of this range.
For netpbm-devel versions 10.25 through 10.35, update to a version outside of this range.
For libjasper-runtime and libjasper1, there is currently no information about a newer version that contains a fix for this vulnerability.
Affected Products
Red Hat
Libjasper-Dev
Libjasper-Runtime
Libjasper1
Netpbm
Netpbm-Devel
Netpbm-Progs