CVE-2007-2721 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-2721
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-2721

Description: The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert.

CVE Status: Candidate

References: UBUNTU http://www.ubuntu.com/usn/usn-501-2 http://www.ubuntu.com/usn/usn-501-1 SAID Secunia Advisory: SA25287 Secunia Advisory: SA25703 Secunia Advisory: SA26516 Secunia Advisory: SA27319 Secunia Advisory: SA27489 REDHAT http://www.redhat.com/support/errata/RHSA-2009-0012.html OSVDB 36137 MANDRIVA http://www.mandriva.com/security/advisories?name=MDVSA-2009:164 http://www.mandriva.com/security/advisories?name=MDVSA-2009:142 http://www.mandriva.com/security/advisories?name=MDKSA-2007:208 http://www.mandriva.com/security/advisories?name=MDKSA-2007:209 http://www.mandriva.com/security/advisories?name=MDKSA-2007:129 CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413041 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413041;msg=88 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413033 BID 24052

Return to the previous page.