VDB
CVE-2017-5503
CVE-2017-5503
PUBLISHED
Reported by mitre · Published March 1, 2017
The dec_clnpass function in libjasper/jpc/jpc_t1dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via a crafted image.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a |
Exploit Intelligence
Timeline
- Mar 1, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
References
- x_refsource_MISC
- 95683 vdb-entryx_refsource_BID
- [oss-security] 20170117 Re: Re: jasper: invalid memory write in dec_clnpass (jpc_t1dec.c) mailing-listx_refsource_MLIST
- [oss-security] 20170116 jasper: invalid memory write in dec_clnpass (jpc_t1dec.c) mailing-listx_refsource_MLIST
- GLSA-201908-03 vendor-advisoryx_refsource_GENTOO
- openSUSE-SU-2020:1517 vendor-advisoryx_refsource_SUSE
- openSUSE-SU-2020:1523 vendor-advisoryx_refsource_SUSE