CVE-2014-8137

Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:jasper_project:jasper:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Information

Published : 2014-12-24 10:59

Updated : 2018-01-04 18:29


NVD link : CVE-2014-8137

Mitre link : CVE-2014-8137


JSON object : View

Advertisement

dedicated server usa

Products Affected

jasper_project

  • jasper

redhat

  • enterprise_linux