Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2016-8885

The bmp_getdata function in libjasper/bmp/bmp_dec.c in JasPer before 1.900.9 allows remote attackers to cause a denial of service (NULL pointer dereference) by calling the imginfo command with a crafted BMP image.

See the

CVE page on Mitre.org for more details.

References

MLIST: [oss-security] 2016102...
MLIST: [oss-security] 2016102...
MLIST: [oss-security] 2016102...
MISC: https://blogs.gentoo.o...
CONFIRM: https://bugzilla.redha...
FEDORA: FEDORA-2016-6c789ba91d
FEDORA: FEDORA-2016-e0f0d48142
BID: 93834
REDHAT: RHSA-2017:1208

Launchpad.net

CVE 2016-8885

Related bugs

References