NuytsTech Security

CVE-2016-8693

by ·

Double free vulnerability in the mem_close function in jas_stream.c in JasPer before 1.900.10 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image to the imginfo command.

Date published : 2017-02-15

http://www.securityfocus.com/bid/93587

https://bugzilla.redhat.com/show_bug.cgi?id=1385507

Tags: