VDB
CVE-2008-3520
CVE-2008-3520
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation.
EPSS 2.61% · 86.0th percentile
Risk Scores
CVSS 2.0
9.300000190734863
EPSS Score
2.61%
86.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| jasper_project | jasper | 1.900.1 |
Exploit Intelligence
- 31470 (circl)
- MDVSA-2009:164 (circl)
- MDVSA-2009:144 (circl)
- RHSA-2009:0012 (circl)
- jasper-image-file-bo(45621) (circl)
- 34391 (circl)
- oval:org.mitre.oval:def:10141 (circl)
- MDVSA-2009:142 (circl)
- http://bugs.gentoo.org/show_bug.cgi?id=222819 (circl)
- USN-742-1 (circl)
…and 4 more exploits
Timeline
- Oct 2, 2008 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 2, 2022 CVE Updated
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- 31470 vdb
- MDVSA-2009:164 vendor-advisory
- MDVSA-2009:144 vendor-advisory
- RHSA-2009:0012 vendor-advisory
- jasper-image-file-bo(45621) vdb
- 34391 third-party-advisory
- oval:org.mitre.oval:def:10141 vdb
- MDVSA-2009:142 vendor-advisory
- http://bugs.gentoo.org/show_bug.cgi?id=222819 url
- USN-742-1 vendor-advisory
- RHSA-2015:0698 vendor-advisory
- 33173 third-party-advisory
- GLSA-200812-18 vendor-advisory
- SSA:2015-302-02 vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2008-3520 advisory