English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 146377 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.882714
Kategorie:CentOS Local Security Checks
Titel:CentOS Update for jasper CESA-2017:1208 centos7
Zusammenfassung:Check the version of jasper
Beschreibung:Summary:
Check the version of jasper

Vulnerability Insight:
JasPer is an implementation of Part 1 of
the JPEG 2000 image compression standard.


Security Fix(es):


Multiple flaws were found in the way JasPer decoded JPEG 2000 image files.
A specially crafted file could cause an application using JasPer to crash
or, possibly, execute arbitrary code.


Multiple flaws were found in the way JasPer decoded JPEG 2000 image files.
A specially crafted file could cause an application using JasPer to crash.


Red Hat would like to thank Liu Bingchang (IIE) for reporting
CVE-2016-8654, CVE-2016-9583, CVE-2016-9591, and CVE-2016-9600 Gustavo
Grieco for reporting CVE-2015-5203 and Josselin Feist for reporting
CVE-2015-5221.

Affected Software/OS:
jasper on CentOS 7

Solution:
Please Install the Updated Packages.

CVSS Score:
6.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2015-5203
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UNLVBZWDEXZCFWOBZ3YVEQINMRBRX5QV/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QIZNTZDXOJR5BTRZKCS3GVHVZV2PWHH/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AXWV22WGSQFDRPE7G6ECGP3QXS2V2A2M/
https://security.gentoo.org/glsa/201707-07
https://lists.debian.org/debian-lts-announce/2018/11/msg00023.html
http://www.openwall.com/lists/oss-security/2015/08/16/2
RedHat Security Advisories: RHSA-2017:1208
https://access.redhat.com/errata/RHSA-2017:1208
SuSE Security Announcement: openSUSE-SU-2016:2722 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-11/msg00010.html
SuSE Security Announcement: openSUSE-SU-2016:2737 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-11/msg00018.html
SuSE Security Announcement: openSUSE-SU-2016:2833 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-11/msg00064.html
https://usn.ubuntu.com/3693-1/
Common Vulnerability Exposure (CVE) ID: CVE-2015-5221
http://www.openwall.com/lists/oss-security/2015/08/20/4
Common Vulnerability Exposure (CVE) ID: CVE-2016-10248
BugTraq ID: 93797
http://www.securityfocus.com/bid/93797
https://blogs.gentoo.org/ago/2016/10/20/jasper-null-pointer-dereference-in-jpc_tsfb_synthesize-jpc_tsfb-c/
Common Vulnerability Exposure (CVE) ID: CVE-2016-10249
BugTraq ID: 93838
http://www.securityfocus.com/bid/93838
Debian Security Information: DSA-3827 (Google Search)
http://www.debian.org/security/2017/dsa-3827
https://blogs.gentoo.org/ago/2016/10/23/jasper-heap-based-buffer-overflow-in-jpc_dec_tiledecode-jpc_dec-c/
Common Vulnerability Exposure (CVE) ID: CVE-2016-10251
BugTraq ID: 97584
http://www.securityfocus.com/bid/97584
https://blogs.gentoo.org/ago/2016/11/04/jasper-use-of-uninitialized-value-in-jpc_pi_nextcprl-jpc_t2cod-c/
https://www.oracle.com/security-alerts/cpuapr2020.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-1577
BugTraq ID: 84133
http://www.securityfocus.com/bid/84133
Debian Security Information: DSA-3508 (Google Search)
http://www.debian.org/security/2016/dsa-3508
http://www.openwall.com/lists/oss-security/2016/03/03/12
http://www.ubuntu.com/usn/USN-2919-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-1867
BugTraq ID: 81488
http://www.securityfocus.com/bid/81488
Debian Security Information: DSA-3785 (Google Search)
http://www.debian.org/security/2017/dsa-3785
http://www.openwall.com/lists/oss-security/2016/01/13/2
http://www.openwall.com/lists/oss-security/2016/01/13/6
Common Vulnerability Exposure (CVE) ID: CVE-2016-2089
BugTraq ID: 83108
http://www.securityfocus.com/bid/83108
http://www.openwall.com/lists/oss-security/2016/01/28/6
http://www.openwall.com/lists/oss-security/2016/01/28/4
SuSE Security Announcement: openSUSE-SU-2016:0408 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00060.html
SuSE Security Announcement: openSUSE-SU-2016:0413 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-02/msg00063.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-2116
Common Vulnerability Exposure (CVE) ID: CVE-2016-8654
BugTraq ID: 94583
http://www.securityfocus.com/bid/94583
https://www.debian.org/security/2017/dsa-3785
Common Vulnerability Exposure (CVE) ID: CVE-2016-8690
BugTraq ID: 93590
http://www.securityfocus.com/bid/93590
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/22FCKKHQCQ3S6TZY5G44EFDTMWOJXJRD/
https://blogs.gentoo.org/ago/2016/10/16/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c/
http://www.openwall.com/lists/oss-security/2016/08/23/6
http://www.openwall.com/lists/oss-security/2016/10/16/14
Common Vulnerability Exposure (CVE) ID: CVE-2016-8691
BugTraq ID: 93593
http://www.securityfocus.com/bid/93593
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/THLEZURI4D24PRM7SMASC5I25IAWXXTM/
https://blogs.gentoo.org/ago/2016/10/16/jasper-two-divide-by-zero-in-jpc_dec_process_siz-jpc_dec-c/
Common Vulnerability Exposure (CVE) ID: CVE-2016-8692
BugTraq ID: 93588
http://www.securityfocus.com/bid/93588
Common Vulnerability Exposure (CVE) ID: CVE-2016-8693
BugTraq ID: 93587
http://www.securityfocus.com/bid/93587
https://blogs.gentoo.org/ago/2016/10/16/jasper-double-free-in-mem_close-jas_stream-c/
Common Vulnerability Exposure (CVE) ID: CVE-2016-8883
BugTraq ID: 95865
http://www.securityfocus.com/bid/95865
http://www.openwall.com/lists/oss-security/2016/10/17/1
http://www.openwall.com/lists/oss-security/2016/10/23/8
Common Vulnerability Exposure (CVE) ID: CVE-2016-8884
BugTraq ID: 93834
http://www.securityfocus.com/bid/93834
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EGI2FZQLOTSZI3VA4ECJERI74SMNQDL4/
https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690/
http://www.openwall.com/lists/oss-security/2016/10/23/1
http://www.openwall.com/lists/oss-security/2016/10/23/9
Common Vulnerability Exposure (CVE) ID: CVE-2016-8885
https://blogs.gentoo.org/ago/2016/10/18/jasper-two-null-pointer-dereference-in-bmp_getdata-bmp_dec-c-incomplete-fix-for-cve-2016-8690
http://www.openwall.com/lists/oss-security/2016/10/23/5
Common Vulnerability Exposure (CVE) ID: CVE-2016-9262
BugTraq ID: 94224
http://www.securityfocus.com/bid/94224
https://blogs.gentoo.org/ago/2016/11/07/jasper-use-after-free-in-jas_realloc-jas_malloc-c
http://www.openwall.com/lists/oss-security/2016/11/10/4
Common Vulnerability Exposure (CVE) ID: CVE-2016-9387
BugTraq ID: 94374
http://www.securityfocus.com/bid/94374
https://blogs.gentoo.org/ago/2016/11/16/jasper-multiple-assertion-failure
http://www.openwall.com/lists/oss-security/2016/11/17/1
Common Vulnerability Exposure (CVE) ID: CVE-2016-9388
BugTraq ID: 94371
http://www.securityfocus.com/bid/94371
Common Vulnerability Exposure (CVE) ID: CVE-2016-9389
Common Vulnerability Exposure (CVE) ID: CVE-2016-9390
Common Vulnerability Exposure (CVE) ID: CVE-2016-9391
Common Vulnerability Exposure (CVE) ID: CVE-2016-9392
BugTraq ID: 94377
http://www.securityfocus.com/bid/94377
Common Vulnerability Exposure (CVE) ID: CVE-2016-9393
Common Vulnerability Exposure (CVE) ID: CVE-2016-9394
BugTraq ID: 94372
http://www.securityfocus.com/bid/94372
Common Vulnerability Exposure (CVE) ID: CVE-2016-9560
BugTraq ID: 94428
http://www.securityfocus.com/bid/94428
https://blogs.gentoo.org/ago/2016/11/20/jasper-stack-based-buffer-overflow-in-jpc_tsfb_getbands2-jpc_tsfb-c/
https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2016-9560
http://www.openwall.com/lists/oss-security/2016/11/20/1
http://www.openwall.com/lists/oss-security/2016/11/23/5
Common Vulnerability Exposure (CVE) ID: CVE-2016-9583
BugTraq ID: 94925
http://www.securityfocus.com/bid/94925
Common Vulnerability Exposure (CVE) ID: CVE-2016-9591
BugTraq ID: 94952
http://www.securityfocus.com/bid/94952
https://www.debian.org/security/2017/dsa-3827
Common Vulnerability Exposure (CVE) ID: CVE-2016-9600
CopyrightCopyright (C) 2017 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.