|Description||Out of bounds heap read in jpc_pi_nextpcrl()|
|Source||CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)|
Vulnerable and fixed packages
The table below lists information on source packages.
|jessie (security), jessie||1.900.1-debian1-2.4+deb8u3||vulnerable|
The information below is based on the following data on fixed versions.
|Package||Type||Release||Fixed Version||Urgency||Origin||Debian Bugs|
Fixed by https://github.com/mdadams/jasper/commit/99a50593254d1b53002719bbecfc946c84b23d27
The issue exists due to an overflow check which is not present
in Wheezy and Jessie. However it makes sense to implement this check.
This can be done when more important issues are found [wheezy].
Not suitable for code injection, hardly denial of service