The jpcdecprocesssiz function in libjasper/jpc/jpcdec.c in JasPer before 1.900.4 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted XRsiz value in a BMP image to the imginfo command.
{ "ubuntu_priority": "negligible", "availability": "No subscription required", "binaries": [ { "binary_name": "libjasper-dev", "binary_version": "1.900.1-14ubuntu3.4" }, { "binary_name": "libjasper-runtime", "binary_version": "1.900.1-14ubuntu3.4" }, { "binary_name": "libjasper-runtime-dbgsym", "binary_version": "1.900.1-14ubuntu3.4" }, { "binary_name": "libjasper1", "binary_version": "1.900.1-14ubuntu3.4" }, { "binary_name": "libjasper1-dbgsym", "binary_version": "1.900.1-14ubuntu3.4" } ] }
{ "ubuntu_priority": "negligible", "availability": "No subscription required", "binaries": [ { "binary_name": "libjasper-dev", "binary_version": "1.900.1-debian1-2.4ubuntu1.1" }, { "binary_name": "libjasper-runtime", "binary_version": "1.900.1-debian1-2.4ubuntu1.1" }, { "binary_name": "libjasper-runtime-dbgsym", "binary_version": "1.900.1-debian1-2.4ubuntu1.1" }, { "binary_name": "libjasper1", "binary_version": "1.900.1-debian1-2.4ubuntu1.1" }, { "binary_name": "libjasper1-dbgsym", "binary_version": "1.900.1-debian1-2.4ubuntu1.1" } ] }