Back to search
CVE-2007-2721
Published: May 16, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
oval:org.mitre.oval:def:9397
vdb-entry
signature
x_refsource_OVAL
24052
vdb-entry
x_refsource_BID
USN-501-2
vendor-advisory
x_refsource_UBUNTU
27319
third-party-advisory
x_refsource_SECUNIA
36137
vdb-entry
x_refsource_OSVDB
MDVSA-2009:164
vendor-advisory
x_refsource_MANDRIVA
25287
third-party-advisory
x_refsource_SECUNIA
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413033
x_refsource_CONFIRM
MDKSA-2007:209
vendor-advisory
x_refsource_MANDRIVA
DSA-2036
vendor-advisory
x_refsource_DEBIAN
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413041
x_refsource_CONFIRM
RHSA-2009:0012
vendor-advisory
x_refsource_REDHAT
25703
third-party-advisory
x_refsource_SECUNIA
26516
third-party-advisory
x_refsource_SECUNIA
MDKSA-2007:129
vendor-advisory
x_refsource_MANDRIVA
27489
third-party-advisory
x_refsource_SECUNIA
MDVSA-2009:142
vendor-advisory
x_refsource_MANDRIVA
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413041%3Bmsg=88
x_refsource_CONFIRM
39505
third-party-advisory
x_refsource_SECUNIA
MDKSA-2007:208
vendor-advisory
x_refsource_MANDRIVA
ADV-2010-0912
vdb-entry
x_refsource_VUPEN
USN-501-1
vendor-advisory
x_refsource_UBUNTU
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now