CVE-2016-10251

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2016-10251
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-10251.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-10251
Downstream
Related
Published
2017-03-15T14:59:00Z
Modified
2025-09-19T07:47:32.963740Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Integer overflow in the jpcpinextcprl function in jpc_t2cod.c in JasPer before 1.900.20 allows remote attackers to have unspecified impact via a crafted file, which triggers use of an uninitialized value.

References

Affected packages

Git / github.com/jasper-software/jasper

Affected ranges

Type
GIT
Repo
https://github.com/jasper-software/jasper
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
1f0dfe5a42911b6880a1445f13f6d615ddb55387
Type
GIT
Repo
https://github.com/mdadams/jasper
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
862ba25d9b17858a9855b5436446a615f2f012ee

Affected versions

Other

mdadams-clang-issue

version-1.*

version-1.900.1
version-1.900.10
version-1.900.11
version-1.900.12
version-1.900.13
version-1.900.14
version-1.900.15
version-1.900.16
version-1.900.17
version-1.900.18
version-1.900.19
version-1.900.2
version-1.900.3
version-1.900.4
version-1.900.5
version-1.900.6
version-1.900.7
version-1.900.8
version-1.900.9

Database specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "165689953799654249991137220875181468194",
                    "128971190599696607672004705790472716209",
                    "340013551664966253502468683426121265696",
                    "54483453896853610045188167776453057765",
                    "230607466615026152507314415710810724118",
                    "215780355437930395610316330135737118086",
                    "76677039805164506382714206428313615043",
                    "190294190935024944023803776371007662069",
                    "95017682708229379985934189969499943622",
                    "102421614951700700255535907653668747968",
                    "60940970347038936967896411632513501654",
                    "156589362343188982671514040987431434435",
                    "269892895408404178832435594858801455765",
                    "37277427703805217467199849257421117167",
                    "321288862409269540886715717266957502046",
                    "49240917719790187032713506394057185720"
                ]
            },
            "id": "CVE-2016-10251-8a4eeec1",
            "source": "https://github.com/jasper-software/jasper/commit/1f0dfe5a42911b6880a1445f13f6d615ddb55387",
            "signature_version": "v1",
            "signature_type": "Line",
            "target": {
                "file": "src/libjasper/jpc/jpc_t2cod.h"
            },
            "deprecated": false
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "166258483757804546597924709934186133410",
                    "253977191309708165760353445946583975220",
                    "215713522158653146175348022674833104",
                    "220709798285471084325188469490273586505",
                    "205394709244452991880971703800148336896",
                    "133989717379470354156069765785412958800",
                    "125791006374783685188298402338964341779",
                    "74465330962049681432873469299347392530",
                    "7843754396697231044177593896039678262",
                    "102160566508520355425429414497908587278",
                    "255647365525158235923073766583428674446",
                    "133636838350246599771700794233977370781",
                    "84047886545597970108647430679865689940",
                    "34594557878918465565411771624183116896",
                    "331526609333454698491062761269168822536"
                ]
            },
            "id": "CVE-2016-10251-f43c126b",
            "source": "https://github.com/jasper-software/jasper/commit/1f0dfe5a42911b6880a1445f13f6d615ddb55387",
            "signature_version": "v1",
            "signature_type": "Line",
            "target": {
                "file": "src/libjasper/jpc/jpc_t2cod.c"
            },
            "deprecated": false
        },
        {
            "digest": {
                "function_hash": "4382887644061957087315080177743569799",
                "length": 3042.0
            },
            "id": "CVE-2016-10251-f715f06a",
            "source": "https://github.com/jasper-software/jasper/commit/1f0dfe5a42911b6880a1445f13f6d615ddb55387",
            "signature_version": "v1",
            "signature_type": "Function",
            "target": {
                "file": "src/libjasper/jpc/jpc_t2cod.c",
                "function": "jpc_pi_nextcprl"
            },
            "deprecated": false
        }
    ]
}