Integer Overflow in JasPer Library Allows Remote Attackers to Trigger Assertion Failure

Integer Overflow in JasPer Library Allows Remote Attackers to Trigger Assertion Failure

CVE-2016-9387 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Integer overflow in the jpc_dec_process_siz function in libjasper/jpc/jpc_dec.c in JasPer before 1.900.13 allows remote attackers to have unspecified impact via a crafted file, which triggers an assertion failure.

Learn more about our Web Application Penetration Testing UK.