Your submission was sent successfully! Close

CVE-2007-2721

Published: 16 May 2007

The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert.

Priority

Medium

Status

Package Release Status
ghostscript
Launchpad, Ubuntu, Debian
Upstream
Released (8.61 svn r8298)
gs-gpl
Launchpad, Ubuntu, Debian
Upstream Needs triage

jasper
Launchpad, Ubuntu, Debian
Upstream
Released (1.900)