Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2017-03-23 CVE-2016-9397 Reachable Assertion vulnerability in multiple products
The jpc_dequantize function in jpc_dec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service (assertion failure) via unspecified vectors.
network
low complexity
jasper-project fedoraproject CWE-617
7.5
2017-03-23 CVE-2016-9396 Unspecified vulnerability in Jasper Project Jasper
The JPC_NOMINALGAIN function in jpc/jpc_t1cod.c in JasPer through 2.0.12 allows remote attackers to cause a denial of service (JPC_COX_RFT assertion failure) via unspecified vectors.
network
low complexity
jasper-project
7.5
2017-03-23 CVE-2016-9395 Improper Input Validation vulnerability in Jasper Project Jasper
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.
local
low complexity
jasper-project CWE-20
5.5
2017-03-23 CVE-2016-9394 Improper Input Validation vulnerability in Jasper Project Jasper
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.
local
low complexity
jasper-project CWE-20
5.5
2017-03-23 CVE-2016-9393 Unspecified vulnerability in Jasper Project Jasper 1.900.17
The jpc_pi_nextrpcl function in jpc_t2cod.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.
local
low complexity
jasper-project
5.5
2017-03-23 CVE-2016-9392 Unspecified vulnerability in Jasper Project Jasper
The calcstepsizes function in jpc_dec.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service (assertion failure) via a crafted file.
local
low complexity
jasper-project
5.5
2017-03-23 CVE-2016-9391 Unspecified vulnerability in Jasper Project Jasper
The jpc_bitstream_getbits function in jpc_bs.c in JasPer before 2.0.10 allows remote attackers to cause a denial of service (assertion failure) via a very large integer.
network
low complexity
jasper-project
7.5
2017-03-23 CVE-2016-9390 Improper Input Validation vulnerability in Jasper Project Jasper
The jas_seq2d_create function in jas_seq.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file.
local
low complexity
jasper-project CWE-20
5.5
2017-03-23 CVE-2016-9389 Unspecified vulnerability in Jasper Project Jasper
The jpc_irct and jpc_iict functions in jpc_mct.c in JasPer before 1.900.14 allow remote attackers to cause a denial of service (assertion failure).
network
low complexity
jasper-project
7.5
2017-03-23 CVE-2016-9388 Reachable Assertion vulnerability in multiple products
The ras_getcmap function in ras_dec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service (assertion failure) via a crafted image file.
local
low complexity
jasper-project canonical CWE-617
5.5