Contact | Site en Français               

 


 

Vulnerabilities & Threats
 
  VUPEN Security Advisories
  Linux Security Advisories

  Malware Advisories
  Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Mandriva Security Update Fixes JasPer "jpc_qcx_getcompparms()" DoS Vulnerability

Title : Mandriva Security Update Fixes JasPer "jpc_qcx_getcompparms()" DoS Vulnerability
VUPEN ID : VUPEN/ADV-2007-2253
CVE ID : CVE-2007-2721
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-20

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format  Receive VUPEN Security notifications by SMS 

A vulnerability has been identified in Mandriva, which could be exploited by attackers to cause a denial of service. This issue is caused by an error in JasPer. For additional information, see : VUPEN/ADV-2007-2030

Affected Products

Mandriva Linux 2007.0
Mandriva Linux 2007.1
Mandriva Corporate 4.0

Solution

Upgrade the affected packages :

Mandriva Linux 2007.0:
fc28c38bdaf30d7a0c87a4066bf8bd9f 2007.0/i586/jasper-1.701.0-5.2mdv2007.0.i586.rpm
11d3d3624a4c0ffa7b946b1b16060b0d 2007.0/i586/libjasper1.701_1-1.701.0-5.2mdv2007.0.i586.rpm
d77cd77558fa6111cf55e0cafb6e11d1 2007.0/i586/libjasper1.701_1-devel-1.701.0-5.2mdv2007.0.i586.rpm
4207ac7d0628f908d3d500298949552e 2007.0/i586/libjasper1.701_1-static-devel-1.701.0-5.2mdv2007.0.i586.rpm
9403ba210044e473e3e49b73abc3b381 2007.0/SRPMS/jasper-1.701.0-5.2mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
3eba6fe2596ffee7435c45815c0575b3 2007.0/x86_64/jasper-1.701.0-5.2mdv2007.0.x86_64.rpm
536be18741b3a12b2314c95cabd9d122 2007.0/x86_64/lib64jasper1.701_1-1.701.0-5.2mdv2007.0.x86_64.rpm
da5b643b80457653cd320fcc7c044366 2007.0/x86_64/lib64jasper1.701_1-devel-1.701.0-5.2mdv2007.0.x86_64.rpm
6968049da9a8bce28b725f259078e29e 2007.0/x86_64/lib64jasper1.701_1-static-devel-1.701.0-5.2mdv2007.0.x86_64.rpm
9403ba210044e473e3e49b73abc3b381 2007.0/SRPMS/jasper-1.701.0-5.2mdv2007.0.src.rpm

Mandriva Linux 2007.1:
757db1c621e9a62b0c6ddc09939f9b50 2007.1/i586/jasper-1.701.0-6.2mdv2007.1.i586.rpm
33534112f73f9a1c3223cac0ad70dcd0 2007.1/i586/libjasper1.701_1-1.701.0-6.2mdv2007.1.i586.rpm
9cb7006b790bf88bb947409a196d320f 2007.1/i586/libjasper1.701_1-devel-1.701.0-6.2mdv2007.1.i586.rpm
37e418b847f994c430b4e2d015cde7cf 2007.1/i586/libjasper1.701_1-static-devel-1.701.0-6.2mdv2007.1.i586.rpm
5dce393b97e5e51dd2ab73a6e1bfc30a 2007.1/SRPMS/jasper-1.701.0-6.2mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
24e01092b065fa180cd0020c1560c481 2007.1/x86_64/jasper-1.701.0-6.2mdv2007.1.x86_64.rpm
4d7e7a3479782ab99da344e958b06c97 2007.1/x86_64/lib64jasper1.701_1-1.701.0-6.2mdv2007.1.x86_64.rpm
c05f8a80a9e0be928a148c48ac864299 2007.1/x86_64/lib64jasper1.701_1-devel-1.701.0-6.2mdv2007.1.x86_64.rpm
7c30e7642ec228a728b4477ed2c3af02 2007.1/x86_64/lib64jasper1.701_1-static-devel-1.701.0-6.2mdv2007.1.x86_64.rpm
5dce393b97e5e51dd2ab73a6e1bfc30a 2007.1/SRPMS/jasper-1.701.0-6.2mdv2007.1.src.rpm

Corporate 4.0:
b7cfcd228def50fdedcb0cd891d0d1ef corporate/4.0/i586/jasper-1.701.0-3.2.20060mlcs4.i586.rpm
613e148bd80a649a94847afaebe5f73f corporate/4.0/i586/libjasper1.701_1-1.701.0-3.2.20060mlcs4.i586.rpm
d87ce97a019a778648214f629ce25979 corporate/4.0/i586/libjasper1.701_1-devel-1.701.0-3.2.20060mlcs4.i586.rpm
ba3d7127d42fb47f05956f754b167cb6 corporate/4.0/i586/libjasper1.701_1-static-devel-1.701.0-3.2.20060mlcs4.i586.rpm
83f959601bbf25c3cdce83f07009f6a7 corporate/4.0/SRPMS/jasper-1.701.0-3.2.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
263b276f283c81693140adcde9be3ea2 corporate/4.0/x86_64/jasper-1.701.0-3.2.20060mlcs4.x86_64.rpm
7fbac34d3f7631ab7b3b244d49530986 corporate/4.0/x86_64/lib64jasper1.701_1-1.701.0-3.2.20060mlcs4.x86_64.rpm
ec28b58eb02493bf2d69fbd55fc5b2c2 corporate/4.0/x86_64/lib64jasper1.701_1-devel-1.701.0-3.2.20060mlcs4.x86_64.rpm
f8007f65086e970b1dd6f1011bb2c508 corporate/4.0/x86_64/lib64jasper1.701_1-static-devel-1.701.0-3.2.20060mlcs4.x86_64.rpm
83f959601bbf25c3cdce83f07009f6a7 corporate/4.0/SRPMS/jasper-1.701.0-3.2.20060mlcs4.src.rpm

References

http://www.vupen.com/english/advisories/2007/2253
http://archives.mandrivalinux.com/security-announce/2007-06/msg00029.php

ChangeLog

2007-06-20 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Vulnerability Alerting

Free 14-Day Trial
 
  Latest News

 

  >> 2009-06-10

     

  VUPEN Security Research
  Discovered Critical Flaws
  in Adobe Acrobat and MS
  Office Word


  >> 2009-06-02

     

  VUPEN Security Research
  Discovered Critical Flaws
  in ACDSee Products


  >> 2009-05-22

     

  VUPEN Discovered Two
  Critical Vulnerabilities in
  Novell GroupWise 8 / 7


  >> 2009-05-12

     

  Microsoft Patched 14
  Office PowerPoint Flaws

 

  >> 2009-04-28

     

  Adobe Reader / Acrobat
  Vulnerabilities Disclosed

 

 

More Informations    
    








Copyright 2003-2009 © VUPEN.COM - Privacy Policy