Your submission was sent successfully! Close

CVE-2016-10248

Published: 15 March 2017

The jpc_tsfb_synthesize function in jpc_tsfb.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) via vectors involving an empty sequence.

Priority

Negligible

CVSS 3 base score: 7.5

Status

Package Release Status
jasper
Launchpad, Ubuntu, Debian
artful Does not exist

bionic Does not exist

precise Does not exist
(precise was needed)
trusty Does not exist
(trusty was released [1.900.1-14ubuntu3.5])
upstream Needs triage

xenial
Released (1.900.1-debian1-2.4ubuntu1.2)
yakkety Ignored
(reached end-of-life)
zesty Does not exist