CVE-2017-1000050

Impact:
Low
Public Date:
2017-03-05
CWE:
CWE-476
Bugzilla:
1472888: CVE-2017-1000050 jasper: NULL pointer exception in jp2_encode()

The MITRE CVE dictionary describes this issue as:

JasPer 2.0.12 is vulnerable to a NULL pointer exception in the function jp2_encode which failed to check to see if the image contained at least one component resulting in a denial-of-service.

Find out more about CVE-2017-1000050 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v3 metrics

CVSS3 Base Score 5.5
CVSS3 Base Metrics CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required None
User Interaction Required
Scope Unchanged
Confidentiality None
Integrity Impact None
Availability Impact High

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 7 (jasper) RHSA-2018:3253 2018-10-30

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 6 jasper Will not fix
Red Hat Enterprise Linux 5 netpbm Not affected
RHEV Manager 3 mingw-virt-viewer Will not fix
Last Modified

CVE description copyright © 2017, The MITRE Corporation