CVE - CVE-2007-2721

CVE-ID
CVE-2007-2721	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The jpc_qcx_getcompparms function in jpc/jpc_cs.c for the JasPer JPEG-2000 library (libjasper) before 1.900 allows remote user-assisted attackers to cause a denial of service (crash) and possibly corrupt the heap via malformed image files, as originally demonstrated using imagemagick convert.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:24052 URL:http://www.securityfocus.com/bid/24052 CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413033 CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413041 CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413041;msg=88 DEBIAN:DSA-2036 URL:http://www.debian.org/security/2010/dsa-2036 MANDRIVA:MDKSA-2007:129 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:129~~ (Obsolete source) MANDRIVA:MDKSA-2007:208 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:208~~ (Obsolete source) MANDRIVA:MDKSA-2007:209 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2007:209~~ (Obsolete source) MANDRIVA:MDVSA-2009:142 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2009:142~~ (Obsolete source) MANDRIVA:MDVSA-2009:164 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2009:164~~ (Obsolete source) OSVDB:36137 URL:~~http://osvdb.org/36137~~ (Obsolete source) OVAL:oval:org.mitre.oval:def:9397 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9397 REDHAT:RHSA-2009:0012 URL:http://www.redhat.com/support/errata/RHSA-2009-0012.html SECUNIA:25287 URL:http://secunia.com/advisories/25287 SECUNIA:25703 URL:http://secunia.com/advisories/25703 SECUNIA:26516 URL:http://secunia.com/advisories/26516 SECUNIA:27319 URL:http://secunia.com/advisories/27319 SECUNIA:27489 URL:http://secunia.com/advisories/27489 SECUNIA:39505 URL:http://secunia.com/advisories/39505 UBUNTU:USN-501-1 URL:http://www.ubuntu.com/usn/usn-501-1 UBUNTU:USN-501-2 URL:http://www.ubuntu.com/usn/usn-501-2 VUPEN:ADV-2010-0912 URL:~~http://www.vupen.com/english/advisories/2010/0912~~ (Obsolete source)
Assigning CNA
MITRE Corporation
Date Record Created
20070516	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20070516)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)