Remote Denial of Service Vulnerability in JasPer 2.0.12: Assertion Abort in jpc_dec_process_sot() Function

CVE-2017-13745 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

There is a reachable assertion abort in the function jpc_dec_process_sot() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack by triggering an unexpected jpc_ppmstabtostreams return value, a different vulnerability than CVE-2018-9154.

Learn more about our Web Application Penetration Testing UK.