CVE-2017-14229 - There is an infinite loop in the jpc_dec_tileinit function in jpc/jpc_dec.c of Jasper 2.0.13. It wil

CVE-2017-14229

Summary

There is an infinite loop in the jpc_dec_tileinit function in jpc/jpc_dec.c of Jasper 2.0.13. It will lead to a remote denial of service attack.

References

Vulnerable Configurations

cpe:2.3:a:jasper_project:jasper:2.0.13:*:*:*:*:*:*:*
cpe:2.3:a:jasper_project:jasper:2.0.13:*:*:*:*:*:*:*

CVSS

CWE

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	100861
confirm	https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
gentoo	GLSA-201908-03
misc	https://github.com/mdadams/jasper/issues/146

Last major update

03-10-2019 - 00:03

Published

09-09-2017 - 08:29

Last modified

03-10-2019 - 00:03