Integer Overflow Vulnerabilities in JasPer Image Library Leading to Denial of Service and Use After Free

CVE-2016-9262 · MEDIUM Severity

CVSS v2 vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Multiple integer overflows in the (1) jas_realloc function in base/jas_malloc.c and (2) mem_resize function in base/jas_stream.c in JasPer before 1.900.22 allow remote attackers to cause a denial of service via a crafted image, which triggers use after free vulnerabilities.