OVAL Reference oval:org.mitre.oval:def:28259

CVE-2014-8137) and a heap-based buffer overflow flaw (CVE-2014-8138) in JasPer, a library for manipulating JPEG-2000 files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code."> OVAL Reference oval:org.mitre.oval:def:28259 - CERT Civis.Net

Oval Definition:

oval:org.mitre.oval:def:28259

Revision Date:	2015-02-23	Version:	4
Title:	DSA-3106-1 -- jasper security update
Description:	Jose Duart of the Google Security Team discovered a double free flaw (CVE-2014-8137) and a heap-based buffer overflow flaw (CVE-2014-8138) in JasPer, a library for manipulating JPEG-2000 files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code.
Family:	unix	Class:	patch
Status:	ACCEPTED	Reference(s):	CVE-2014-8137 CVE-2014-8138 DSA-3106-1
Platform(s):	Debian GNU/kFreeBSD 7.0 Debian GNU/Linux 7.0	Product(s):	jasper
Definition Synopsis
Debian 7 is installed AND GNU/Linux or GNU/kFreeBSD kernel Debian GNU/Linux is installed OR Debian GNU/kFreeBSD is installed AND jasper is earlier than 0:1.900.1-13+deb7u2

BACK