{ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2015-5221", "STATE" : "PUBLIC" }, "affects" : { "vendor" : { "vendor_data" : [ { "product" : { "product_data" : [ { "product_name" : "n/a", "version" : { "version_data" : [ { "version_value" : "n/a" } ] } } ] }, "vendor_name" : "n/a" } ] } }, "data_format" : "MITRE", "data_type" : "CVE", "data_version" : "4.0", "description" : { "description_data" : [ { "lang" : "eng", "value" : "Use-after-free vulnerability in the mif_process_cmpt function in libjasper/mif/mif_cod.c in the JasPer JPEG-2000 library before 1.900.2 allows remote attackers to cause a denial of service (crash) via a crafted JPEG 2000 image file." } ] }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "eng", "value" : "n/a" } ] } ] }, "references" : { "reference_data" : [ { "name" : "[oss-security] 20150820 Use-after-free (and double-free) in Jasper JPEG-200 (CVE-2015-5221)", "refsource" : "MLIST", "url" : "http://www.openwall.com/lists/oss-security/2015/08/20/4" }, { "name" : "[debian-lts-announce] 20181121 [SECURITY] [DLA 1583-1] jasper security update", "refsource" : "MLIST", "url" : "https://lists.debian.org/debian-lts-announce/2018/11/msg00023.html" }, { "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1255710", "refsource" : "CONFIRM", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1255710" }, { "name" : "https://github.com/mdadams/jasper/commit/df5d2867e8004e51e18b89865bc4aa69229227b3", "refsource" : "CONFIRM", "url" : "https://github.com/mdadams/jasper/commit/df5d2867e8004e51e18b89865bc4aa69229227b3" }, { "name" : "FEDORA-2016-7776983633", "refsource" : "FEDORA", "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UNLVBZWDEXZCFWOBZ3YVEQINMRBRX5QV/" }, { "name" : "FEDORA-2016-9b17661de5", "refsource" : "FEDORA", "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3QIZNTZDXOJR5BTRZKCS3GVHVZV2PWHH/" }, { "name" : "FEDORA-2016-bbecf64af4", "refsource" : "FEDORA", "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AXWV22WGSQFDRPE7G6ECGP3QXS2V2A2M/" }, { "name" : "RHSA-2017:1208", "refsource" : "REDHAT", "url" : "https://access.redhat.com/errata/RHSA-2017:1208" }, { "name" : "openSUSE-SU-2016:2722", "refsource" : "SUSE", "url" : "http://lists.opensuse.org/opensuse-updates/2016-11/msg00010.html" }, { "name" : "openSUSE-SU-2016:2737", "refsource" : "SUSE", "url" : "http://lists.opensuse.org/opensuse-updates/2016-11/msg00018.html" }, { "name" : "openSUSE-SU-2016:2833", "refsource" : "SUSE", "url" : "http://lists.opensuse.org/opensuse-updates/2016-11/msg00064.html" }, { "name" : "USN-3693-1", "refsource" : "UBUNTU", "url" : "https://usn.ubuntu.com/3693-1/" } ] } }