← back
CVE-2007-2721

CVE-2007-2721

EPSS 2.3%
The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413033http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413041http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413041%3Bmsg=88http://osvdb.org/36137http://secunia.com/advisories/25287http://secunia.com/advisories/25703http://secunia.com/advisories/26516http://secunia.com/advisories/27319http://secunia.com/advisories/27489http://secunia.com/advisories/39505https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9397http://www.debian.org/security/2010/dsa-2036