mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 19:17:37 +02:00
0xMarcio
788 B
788 B
CVE-2017-5504
Description
The jpc_undo_roi function in libjasper/jpc/jpc_dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted image.
POC
Reference
- https://blogs.gentoo.org/ago/2017/01/16/jasper-invalid-memory-read-in-jpc_undo_roi-jpc_dec-c/
- https://blogs.gentoo.org/ago/2017/01/16/jasper-invalid-memory-read-in-jpc_undo_roi-jpc_dec-c/