CVE-2016-9262

Multiple integer overflows in the (1) jas_realloc function in base/jas_malloc.c and (2) mem_resize function in base/jas_stream.c in JasPer before 1.900.22 allow remote attackers to cause a denial of service via a crafted image, which triggers use after free vulnerabilities.

Date published : 2017-03-23

http://www.securityfocus.com/bid/94224

https://bugzilla.redhat.com/show_bug.cgi?id=1393882