Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-03-01 CVE-2017-5504 Out-of-bounds Read vulnerability in Jasper Project Jasper 1.900.17
The jpc_undo_roi function in libjasper/jpc/jpc_dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image.
local
low complexity
jasper-project CWE-125
5.5
5.5
2017-03-01 CVE-2017-5503 Out-of-bounds Write vulnerability in Jasper Project Jasper 1.900.27
The dec_clnpass function in libjasper/jpc/jpc_t1dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via a crafted image.
local
low complexity
jasper-project CWE-787
5.5
5.5
2017-03-01 CVE-2017-5502 Unspecified vulnerability in Jasper Project Jasper 1.900.17
libjasper/jp2/jp2_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
local
low complexity
jasper-project
5.5
5.5
2017-03-01 CVE-2017-5501 Integer Overflow or Wraparound vulnerability in Jasper Project Jasper 1.900.17
Integer overflow in libjasper/jpc/jpc_tsfb.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file.
local
low complexity
jasper-project CWE-190
5.5
5.5
2017-03-01 CVE-2017-5500 Unspecified vulnerability in Jasper Project Jasper 1.900.17
libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
local
low complexity
jasper-project
5.5
5.5
2017-03-01 CVE-2017-5499 Integer Overflow or Wraparound vulnerability in Jasper Project Jasper 1.900.17
Integer overflow in libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via a crafted file.
local
low complexity
jasper-project CWE-190
5.5
5.5
2017-03-01 CVE-2017-5498 Unspecified vulnerability in Jasper Project Jasper 1.900.17
libjasper/include/jasper/jas_math.h in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
local
low complexity
jasper-project
5.5
5.5
2017-03-01 CVE-2016-9826 Numeric Errors vulnerability in Libav 11.8
libavcodec/ituh263dec.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
local
low complexity
libav CWE-189
5.5
5.5
2017-03-01 CVE-2016-9825 Numeric Errors vulnerability in Libav 11.8
libswscale/utils.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value.
local
low complexity
libav CWE-189
5.5
5.5
2017-03-01 CVE-2016-9824 Integer Overflow or Wraparound vulnerability in Libav 11.8
Integer overflow in libswscale/x86/swscale.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via a crafted file.
local
low complexity
libav CWE-190
5.5
5.5