Vulnerabilities

CVE-2016-1577

by Fred · 13/04/2016

Double free vulnerability in the jas_iccattrval_destroy function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ICC color profile in a JPEG 2000 image file, a different vulnerability than CVE-2014-8137.

Date published : 2016-04-13

http://www.securityfocus.com/bid/84133

https://bugs.launchpad.net/ubuntu/+source/jasper/+bug/1547865

Similar

Tags: Cybersecurity Alert