« List of all CVEs

CVE-2016-8691

Published: 2/15/2017 Last updated: 8/6/2024 Reserved: 10/15/2016

The jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

grib

Products affected (1)

Product Vendor Version
n/a n/a < 89bb36c72e1951843f9e04dc84412e31fcc849a9

References (18)