PT-2008-4912 · Jasper+1 · Jasper+1

Michael D. Adams

Published

2008-10-02

Updated

2023-02-13

CVE-2008-3521

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions JasPer version 1.900.1

Description A race condition exists in the jas stream tmpfile function, allowing local users to cause a denial of service by creating a specific temporary file, which causes the program to exit.

Recommendations For JasPer version 1.900.1, consider restricting access to the jas stream tmpfile function as a temporary workaround until a patch is available.

Exploit

Fix

DoS

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-59

Related Identifiers

ALT-PU-2016-2474

CVE-2008-3521

Affected Products

Alt Linux

Jasper

PT-2008-4912 · Jasper+1 · Jasper+1

CVE-2008-3521

Weakness Enumeration

Related Identifiers

Affected Products

References · 67