Vulnerabilities > CVE-2017-14232 - Resource Management Errors vulnerability in multiple products

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

flif

jasper-project

CWE-399

NVD

Published: 2019-08-15

Updated: 2019-10-22

Summary

The read_chunk function in flif-dec.cpp in Free Lossless Image Format (FLIF) 0.3 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted flif file.

Vulnerable Configurations

Part	Description	Count
Application	Flif Flif Flif 0.3	1
Application	Jasper_Project Jasper Project Jasper - Jasper Project Jasper 1.900.1 Jasper Project Jasper 1.900.2 Jasper Project Jasper 1.900.3 Jasper Project Jasper 1.900.4 Jasper Project Jasper 1.900.5 Jasper Project Jasper 1.900.6 Jasper Project Jasper 1.900.7 Jasper Project Jasper 1.900.8 Jasper Project Jasper 1.900.9 Jasper Project Jasper 1.900.10 Jasper Project Jasper 1.900.11 Jasper Project Jasper 1.900.12 Jasper Project Jasper 1.900.13 Jasper Project Jasper 1.900.14 Jasper Project Jasper 1.900.15 Jasper Project Jasper 1.900.16 Jasper Project Jasper 1.900.17 Jasper Project Jasper 1.900.18 Jasper Project Jasper 1.900.19 Jasper Project Jasper 1.900.20 Jasper Project Jasper 1.900.21 Jasper Project Jasper 1.900.22 Jasper Project Jasper 1.900.23 Jasper Project Jasper 1.900.24 Jasper Project Jasper 1.900.25 Jasper Project Jasper 1.900.26 Jasper Project Jasper 1.900.27 Jasper Project Jasper 1.900.28 Jasper Project Jasper 1.900.29 Jasper Project Jasper 1.900.30 Jasper Project Jasper 1.900.31 Jasper Project Jasper 2.0.0 Jasper Project Jasper 2.0.1 Jasper Project Jasper 2.0.2 Jasper Project Jasper 2.0.3 Jasper Project Jasper 2.0.4 Jasper Project Jasper 2.0.5 Jasper Project Jasper 2.0.6 Jasper Project Jasper 2.0.7 Jasper Project Jasper 2.0.8 Jasper Project Jasper 2.0.9 Jasper Project Jasper 2.0.10 Jasper Project Jasper 2.0.11 Jasper Project Jasper 2.0.12 Jasper Project Jasper 2.0.13 Jasper Project Jasper 2.0.14 Jasper Project Jasper 2.0.15 Jasper Project Jasper 2.0.16	51

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References