Public Date:
346501: CVE-2007-2721 jasper crash in jpc_qcx_getcompparms

The MITRE CVE dictionary describes this issue as:

The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert.

Find out more about CVE-2007-2721 from the MITRE CVE dictionary dictionary and NIST NVD.


Not vulnerable. This issue did not affect versions of ghostscript as shipped with Red Hat Enterprise Linux 2.1, 3, 4 or 5 as they do not include a bundled JasPer library.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux version 4 (netpbm) RHSA-2009:0012 2009-02-11
Red Hat Enterprise Linux version 5 (netpbm) RHSA-2009:0012 2009-02-11