Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
[oCERT-2015-001] JasPer input sanitization errors
Jan 21 2015 11:28PM
Andrea Barisani (lcars ocert org)
#2015-001 JasPer input sanitization errors
The JasPer project is an open source implementation for the JPEG-2000 codec.
The library is affected by an off-by-one error in a buffer boundary check in
jpc_dec_process_sot(), leading to a heap based buffer overflow, as well as
[ more ]
Copyright 2010, SecurityFocus