CVE-2017-5503 — Vulnetix

Try Vulnetix Request Demo

CVE-2017-5503 PUBLISHED

Reported by mitre · Published March 1, 2017

The dec_clnpass function in libjasper/jpc/jpc_t1dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via a crafted image.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a

Timeline

Mar 1, 2017 CVE Published
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Aug 23, 2021 EPSS Score
Oct 24, 2021 EPSS Score
Dec 25, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Feb 25, 2022 EPSS Score
Apr 28, 2022 EPSS Score
Aug 31, 2022 EPSS Score
Nov 1, 2022 EPSS Score
Jan 2, 2023 EPSS Score

References

x_refsource_MISC
95683 vdb-entryx_refsource_BID
[oss-security] 20170117 Re: Re: jasper: invalid memory write in dec_clnpass (jpc_t1dec.c) mailing-listx_refsource_MLIST
[oss-security] 20170116 jasper: invalid memory write in dec_clnpass (jpc_t1dec.c) mailing-listx_refsource_MLIST
GLSA-201908-03 vendor-advisoryx_refsource_GENTOO
openSUSE-SU-2020:1517 vendor-advisoryx_refsource_SUSE
openSUSE-SU-2020:1523 vendor-advisoryx_refsource_SUSE

Open in Interactive Console →