PT-2017-13067 · Jasper · Jasper

Published

2017-08-29

Updated

2021-02-05

CVE-2017-13746

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions JasPer version 2.0.12

Description The issue is related to a reachable assertion abort in the function jpc dec process siz() in jpc/jpc dec.c, which can lead to a remote denial of service attack.

Recommendations For JasPer version 2.0.12, consider applying a patch or fix to resolve the issue in the jpc dec process siz() function to prevent remote denial of service attacks.

Exploit

Fix

Assertion Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-617

Related Identifiers

CVE-2017-13746

MGASA-2020-0337

Affected Products

Jasper

PT-2017-13067 · Jasper · Jasper

CVE-2017-13746

Weakness Enumeration

Related Identifiers

Affected Products

References · 11