漏洞信息详情

JasPer 1.900.1 多个整数值溢出漏洞

  • CNNVD编号:CNNVD-200810-015
  • 危害等级: 超危
  • CVE编号: CVE-2008-3520
  • 漏洞类型: 数字错误
  • 发布时间: 2008-10-02
  • 威胁类型: 远程
  • 更新时间: 2009-03-26
  • 厂        商: jasper_project
  • 漏洞来源: Marc Espie and Chr...

漏洞简介

JasPer的多个整数值溢出漏洞,攻击者可以通过一个精心设计的图像文件造成未知影响,它与内存分配的整数值乘法有关。

漏洞公告

目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:

MandrakeSoft Linux Mandrake 2008.1 x86_64

Mandriva ghostscript-8.61-60.2mdv2008.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva ghostscript-common-8.61-60.2mdv2008.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva ghostscript-doc-8.61-60.2mdv2008.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva ghostscript-dvipdf-8.61-60.2mdv2008.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva ghostscript-module-X-8.61-60.2mdv2008.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva ghostscript-X-8.61-60.2mdv2008.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva jasper-1.900.1-3.1mdv2008.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva lib64gs8-8.61-60.2mdv2008.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva lib64gs8-devel-8.61-60.2mdv2008.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva lib64ijs1-0.35-60.2mdv2008.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva lib64ijs1-devel-0.35-60.2mdv2008.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva lib64jasper1-1.900.1-3.1mdv2008.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva lib64jasper1-devel-1.900.1-3.1mdv2008.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva lib64jasper1-static-devel-1.900.1-3.1mdv2008.1.x86_64.rpm

http://www.mandriva.com/en/download/

Ubuntu Ubuntu Linux 7.10 powerpc

Ubuntu libjasper-dev_1.900.1-3ubuntu0.7.10.1_powerpc.deb

http://security.ubuntu.com/ubuntu/pool/main/j/jasper/libjasper-dev_1.9 00.1-3ubuntu0.7.10.1_powerpc.deb

Ubuntu libjasper-runtime_1.900.1-3ubuntu0.7.10.1_powerpc.deb

http://security.ubuntu.com/ubuntu/pool/universe/j/jasper/libjasper-run time_1.900.1-3ubuntu0.7.10.1_powerpc.deb

Ubuntu libjasper1_1.900.1-3ubuntu0.7.10.1_powerpc.deb

http://security.ubuntu.com/ubuntu/pool/main/j/jasper/libjasper1_1.900. 1-3ubuntu0.7.10.1_powerpc.deb

MandrakeSoft Linux Mandrake 2008.1

Mandriva ghostscript-8.61-60.2mdv2008.1.i586.rpm

http://www.mandriva.com/en/download/

Mandriva ghostscript-common-8.61-60.2mdv2008.1.i586.rpm

http://www.mandriva.com/en/download/

Mandriva ghostscript-doc-8.61-60.2mdv2008.1.i586.rpm

http://www.mandriva.com/en/download/

Mandriva ghostscript-dvipdf-8.61-60.2mdv2008.1.i586.rpm

http://www.mandriva.com/en/download/

Mandriva ghostscript-module-X-8.61-60.2mdv2008.1.i586.rpm

http://www.mandriva.com/en/download/

Mandriva ghostscript-X-8.61-60.2mdv2008.1.i586.rpm

http://www.mandriva.com/en/download/

Mandriva jasper-1.900.1-3.1mdv2008.1.i586.rpm

http://www.mandriva.com/en/download/

Mandriva libgs8-8.61-60.2mdv2008.1.i586.rpm

http://www.mandriva.com/en/download/

Mandriva libgs8-devel-8.61-60.2mdv2008.1.i586.rpm

http://www.mandriva.com/en/download/

Mandriva libijs1-0.35-60.2mdv2008.1.i586.rpm

http://www.mandriva.com/en/download/

Mandriva libijs1-devel-0.35-60.2mdv2008.1.i586.rpm

http://www.mandriva.com/en/download/

Mandriva libjasper1-1.900.1-3.1mdv2008.1.i586.rpm

http://www.mandriva.com/en/download/

Mandriva libjasper1-devel-1.900.1-3.1mdv2008.1.i586.rpm

http://www.mandriva.com/en/download/

Mandriva libjasper1-static-devel-1.900.1-3.1mdv2008.1.i586.rpm

http://www.mandriva.com/en/download/

MandrakeSoft Linux Mandrake 2009.1 x86_64

Mandriva ghostscript-8.64-65.1mdv2009.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva ghostscript-common-8.64-65.1mdv2009.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva ghostscript-doc-8.64-65.1mdv2009.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva ghostscript-dvipdf-8.64-65.1mdv2009.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva ghostscript-module-X-8.64-65.1mdv2009.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva ghostscript-X-8.64-65.1mdv2009.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva jasper-1.900.1-5.1mdv2009.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva lib64gs8-8.64-65.1mdv2009.1.x86_64.rpm

http://www.mandriva.com/en/download/

Mandriva lib64gs8-devel-8.64-65.1mdv2009.1.x86_64.rpm

http://www.mandriva.com/e

参考网址

来源: BID

名称: 31470

链接:http://www.securityfocus.com/bid/31470

来源: MISC

链接:http://bugs.gentoo.org/show_bug.cgi?id=222819

来源: XF

名称: jasper-image-file-bo(45621)

链接:http://xforce.iss.net/xforce/xfdb/45621

来源: UBUNTU

名称: USN-742-1

链接:http://www.ubuntu.com/usn/USN-742-1

来源: REDHAT

名称: RHSA-2009:0012

链接:http://www.redhat.com/support/errata/RHSA-2009-0012.html

来源: MANDRIVA

名称: MDVSA-2009:164

链接:http://www.mandriva.com/security/advisories?name=MDVSA-2009:164

来源: MANDRIVA

名称: MDVSA-2009:144

链接:http://www.mandriva.com/security/advisories?name=MDVSA-2009:144

来源: MANDRIVA

名称: MDVSA-2009:142

链接:http://www.mandriva.com/security/advisories?name=MDVSA-2009:142

来源: GENTOO

名称: GLSA-200812-18

链接:http://security.gentoo.org/glsa/glsa-200812-18.xml

来源: SECUNIA

名称: 34391

链接:http://secunia.com/advisories/34391

来源: SECUNIA

名称: 33173

链接:http://secunia.com/advisories/33173

补丁

    暂无

漏洞信息快速查询

相关漏洞

更多