CVE-2016-9583

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2016-9583
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-9583.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-9583
Downstream
Related
Published
2018-08-01T17:29:00Z
Modified
2025-10-15T08:30:45.572263Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An out-of-bounds heap read vulnerability was found in the jpcpinextpcrl() function of jasper before 2.0.6 when processing crafted input.

References

Affected packages

Git / github.com/jasper-software/jasper

Affected ranges

Type
GIT
Repo
https://github.com/jasper-software/jasper
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
aa0b0f79ade5eef8b0e7a214c03f5af54b36ba7d
Fixed
f25486c3d4aa472fec79150f2c41ed4333395d3d
Type
GIT
Repo
https://github.com/mdadams/jasper
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
be67b65abd0b4727b8b98cc12b59218561aefbba

Affected versions

Other

mdadams-clang-issue

version-1.*

version-1.900.1
version-1.900.10
version-1.900.11
version-1.900.12
version-1.900.13
version-1.900.14
version-1.900.15
version-1.900.16
version-1.900.17
version-1.900.18
version-1.900.19
version-1.900.2
version-1.900.20
version-1.900.21
version-1.900.22
version-1.900.23
version-1.900.24
version-1.900.25
version-1.900.26
version-1.900.27
version-1.900.28
version-1.900.29
version-1.900.3
version-1.900.30
version-1.900.31
version-1.900.4
version-1.900.5
version-1.900.6
version-1.900.7
version-1.900.8
version-1.900.9

version-2.*

version-2.0.0
version-2.0.0-beta.1
version-2.0.0-beta.2
version-2.0.1
version-2.0.2
version-2.0.3
version-2.0.4
version-2.0.5

Database specific 

{
    "vanir_signatures": [
        {
            "id": "CVE-2016-9583-1d0fdefb",
            "signature_type": "Function",
            "target": {
                "file": "src/libjasper/jpc/jpc_t2cod.c",
                "function": "jpc_pi_nextpcrl"
            },
            "source": "https://github.com/jasper-software/jasper/commit/aa0b0f79ade5eef8b0e7a214c03f5af54b36ba7d",
            "digest": {
                "function_hash": "229357773841787597542836706636688272757",
                "length": 2891.0
            },
            "deprecated": false,
            "signature_version": "v1"
        },
        {
            "id": "CVE-2016-9583-1d59b3e3",
            "signature_type": "Function",
            "target": {
                "file": "src/libjasper/jpc/jpc_t2cod.c",
                "function": "jpc_pi_nextcprl"
            },
            "source": "https://github.com/jasper-software/jasper/commit/aa0b0f79ade5eef8b0e7a214c03f5af54b36ba7d",
            "digest": {
                "function_hash": "101649940697566588668569505502566673292",
                "length": 3126.0
            },
            "deprecated": false,
            "signature_version": "v1"
        },
        {
            "id": "CVE-2016-9583-3f3eee64",
            "signature_type": "Line",
            "target": {
                "file": "src/libjasper/jpc/jpc_t2cod.c"
            },
            "source": "https://github.com/jasper-software/jasper/commit/aa0b0f79ade5eef8b0e7a214c03f5af54b36ba7d",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "76046811373635138994273651784537904216",
                    "77170917514984923131795498582393752865",
                    "218161562009849185040788517163987921882",
                    "71004272932463797870134322351281497816",
                    "2226618095858842688844805833123569353",
                    "20291483828154380566995138842762868800",
                    "10569523255311290312790915988156150105",
                    "36539532521627043475591919756337940217",
                    "127118164596308144680491117010486093521",
                    "319190536247087752243160103132479944052",
                    "249477897257943548225768957271196638257",
                    "240097045700587730028063697544631200674",
                    "244979800254135918839574329475967313372",
                    "185322458923865332444729054102095226030",
                    "35258226244143295136488049194658767484",
                    "31650396589587437552966618962124651297",
                    "233474337354533259542487654900534703574",
                    "223131863458772104468468724845052956874",
                    "224822972969045047794733867040604615592",
                    "193041954980164523961774389856040052756",
                    "28358825345365660111249483282297598019",
                    "26069384087220063771981873251622785268",
                    "119796533562898460557783589838608270844",
                    "158332060735659374925163957932980341898",
                    "234620628400447244415669446557076230338",
                    "65243341767006019528165532080531137393",
                    "237406085935926331877091195284126393137",
                    "325115742102582045224743750880358018022",
                    "30693029952555506351869170735981832284",
                    "58822322899139123254992036560551534001",
                    "247365377581573090869863068759153090052",
                    "115969653954998056091658806414211171780",
                    "296448336514631402773126469151012576930",
                    "129135795651286035458667479568250698108",
                    "189769777837324779334608856476710820148",
                    "193867499551659243752650703651699372642",
                    "331678878903697085981695740848787946950",
                    "286442901174166503706304758001230656881",
                    "126368918117204250507362348099073811657",
                    "43450351916781748864600115559105676038",
                    "84808611277771588067162670076834869781",
                    "232923153825435402764618930105086921183",
                    "297131946601869719730078737913898172633",
                    "297893218366117645114969153424858743297",
                    "116076871864862106294029972021273834301",
                    "19521899503408518769724411958978352234",
                    "218285233182378092268023131151074716021",
                    "215605693293663989771846549740939172186",
                    "224822972969045047794733867040604615592",
                    "193041954980164523961774389856040052756",
                    "28358825345365660111249483282297598019",
                    "26069384087220063771981873251622785268",
                    "119796533562898460557783589838608270844",
                    "120891072019545283083375320112444031331",
                    "234620628400447244415669446557076230338",
                    "65243341767006019528165532080531137393",
                    "237406085935926331877091195284126393137",
                    "58258389114354096853325218832132923895",
                    "172203641125065899100986598817763413275",
                    "267610441893230968186412596064076798555",
                    "188040126486216934775320176351790718958",
                    "44849565462525075366761066144258810849",
                    "205602058246656309900046845815445942166",
                    "323041948791230186137053327575542925283",
                    "83029025615946028708375845178554425021",
                    "232923153825435402764618930105086921183",
                    "297131946601869719730078737913898172633",
                    "297893218366117645114969153424858743297",
                    "116076871864862106294029972021273834301",
                    "19521899503408518769724411958978352234",
                    "218285233182378092268023131151074716021",
                    "215605693293663989771846549740939172186",
                    "224822972969045047794733867040604615592",
                    "193041954980164523961774389856040052756",
                    "28358825345365660111249483282297598019",
                    "266142114665985186365689501811108052109",
                    "180045520544452117551367598977509781011",
                    "206958073917133144534949243776140577917",
                    "214895281256448126239968921802016256430",
                    "114901085653473573016545794389187582341",
                    "151635545287270114368360681630776092647",
                    "274333162242857247856831134286475613054",
                    "109700637302186618279353669707542644313",
                    "237406085935926331877091195284126393137",
                    "325115742102582045224743750880358018022"
                ]
            },
            "deprecated": false,
            "signature_version": "v1"
        },
        {
            "id": "CVE-2016-9583-d9163f21",
            "signature_type": "Function",
            "target": {
                "file": "src/libjasper/jpc/jpc_t2cod.c",
                "function": "jpc_pi_nextrpcl"
            },
            "source": "https://github.com/jasper-software/jasper/commit/f25486c3d4aa472fec79150f2c41ed4333395d3d",
            "digest": {
                "function_hash": "175828168267191850202896252645788233293",
                "length": 3195.0
            },
            "deprecated": false,
            "signature_version": "v1"
        },
        {
            "id": "CVE-2016-9583-ede47ba8",
            "signature_type": "Function",
            "target": {
                "file": "src/libjasper/jpc/jpc_t2cod.c",
                "function": "jpc_pi_nextrpcl"
            },
            "source": "https://github.com/jasper-software/jasper/commit/aa0b0f79ade5eef8b0e7a214c03f5af54b36ba7d",
            "digest": {
                "function_hash": "261215937801547403553902024992116877422",
                "length": 2889.0
            },
            "deprecated": false,
            "signature_version": "v1"
        }
    ]
}