Memory leak in the jasiccprofcreatefrombuf function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted ICC color profile in a JPEG 2000 image file.
{ "ubuntu_priority": "low", "availability": "No subscription required", "binaries": [ { "binary_name": "libjasper-dev", "binary_version": "1.900.1-14ubuntu3.3" }, { "binary_name": "libjasper-runtime", "binary_version": "1.900.1-14ubuntu3.3" }, { "binary_name": "libjasper-runtime-dbgsym", "binary_version": "1.900.1-14ubuntu3.3" }, { "binary_name": "libjasper1", "binary_version": "1.900.1-14ubuntu3.3" }, { "binary_name": "libjasper1-dbgsym", "binary_version": "1.900.1-14ubuntu3.3" } ] }
{ "ubuntu_priority": "low", "availability": "No subscription required", "binaries": [ { "binary_name": "libjasper-dev", "binary_version": "1.900.1-debian1-2.4ubuntu1" }, { "binary_name": "libjasper-runtime", "binary_version": "1.900.1-debian1-2.4ubuntu1" }, { "binary_name": "libjasper-runtime-dbgsym", "binary_version": "1.900.1-debian1-2.4ubuntu1" }, { "binary_name": "libjasper1", "binary_version": "1.900.1-debian1-2.4ubuntu1" }, { "binary_name": "libjasper1-dbgsym", "binary_version": "1.900.1-debian1-2.4ubuntu1" } ] }