Vulnerabilities > CVE-2017-13750 - Reachable Assertion vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
jasper-project
fedoraproject
CWE-617
nessus

Summary

There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack.

Vulnerable Configurations

Part Description Count
Application
Jasper_Project
1
OS
Fedoraproject
2

Common Weakness Enumeration (CWE)

Nessus

NASL familyGentoo Local Security Checks
NASL idGENTOO_GLSA-201908-03.NASL
descriptionThe remote host is affected by the vulnerability described in GLSA-201908-03 (JasPer: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in JasPer. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details. Workaround : There is no known workaround at this time.
last seen2020-06-01
modified2020-06-02
plugin id127561
published2019-08-12
reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/127561
titleGLSA-201908-03 : JasPer: Multiple vulnerabilities