Use-after-free vulnerability in the mifprocesscmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_name": "libjasper-dev", "binary_version": "1.900.1-14ubuntu3.5" }, { "binary_name": "libjasper-runtime", "binary_version": "1.900.1-14ubuntu3.5" }, { "binary_name": "libjasper-runtime-dbgsym", "binary_version": "1.900.1-14ubuntu3.5" }, { "binary_name": "libjasper1", "binary_version": "1.900.1-14ubuntu3.5" }, { "binary_name": "libjasper1-dbgsym", "binary_version": "1.900.1-14ubuntu3.5" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "binary_name": "libjasper-dev", "binary_version": "1.900.1-debian1-2.4ubuntu1.2" }, { "binary_name": "libjasper-runtime", "binary_version": "1.900.1-debian1-2.4ubuntu1.2" }, { "binary_name": "libjasper-runtime-dbgsym", "binary_version": "1.900.1-debian1-2.4ubuntu1.2" }, { "binary_name": "libjasper1", "binary_version": "1.900.1-debian1-2.4ubuntu1.2" }, { "binary_name": "libjasper1-dbgsym", "binary_version": "1.900.1-debian1-2.4ubuntu1.2" } ] }