PT-2017-13072 · Jasper · Jasper

Published

2017-08-29

·

Updated

2024-06-15

·

CVE-2017-13750

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions JasPer version 2.0.12
Description The issue is related to a reachable assertion abort in the function jpc dec process siz() in jpc/jpc dec.c, which can lead to a remote denial of service attack.
Recommendations For JasPer version 2.0.12, consider applying a patch or fix to resolve the issue in the jpc dec process siz() function to prevent remote denial of service attacks.

Exploit

Fix

Assertion Failure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-617

Related Identifiers

CVE-2017-13750
MGASA-2020-0337
OPENSUSE-SU-2024:10869-1

Affected Products

Jasper