{"id":"CVE-2016-10249","details":"Integer overflow in the jpc_dec_tiledecode function in jpc_dec.c in JasPer before 1.900.12 allows remote attackers to have unspecified impact via a crafted image file, which triggers a heap-based buffer overflow.","modified":"2026-04-16T06:24:55.505611472Z","published":"2017-03-15T14:59:00.307Z","references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/93838"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3827"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:1208"},{"type":"FIX","url":"https://blogs.gentoo.org/ago/2016/10/23/jasper-heap-based-buffer-overflow-in-jpc_dec_tiledecode-jpc_dec-c/"},{"type":"FIX","url":"https://github.com/mdadams/jasper/commit/988f8365f7d8ad8073b6786e433d34c553ecf568"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/jasper-software/jasper","events":[{"introduced":"0"},{"fixed":"988f8365f7d8ad8073b6786e433d34c553ecf568"}]},{"type":"GIT","repo":"https://github.com/mdadams/jasper","events":[{"introduced":"0"},{"last_affected":"c5e348fe606635378bce71b658e3e899517208c2"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.900.11"}]}}],"versions":["version-1.900.1","version-1.900.10","version-1.900.11","version-1.900.2","version-1.900.3","version-1.900.4","version-1.900.5","version-1.900.6","version-1.900.7","version-1.900.8","version-1.900.9"],"database_specific":{"vanir_signatures_modified":"2026-04-11T03:43:37Z","vanir_signatures":[{"deprecated":false,"signature_version":"v1","id":"CVE-2016-10249-945a7f8b","target":{"file":"src/libjasper/base/jas_malloc.c","function":"jas_realloc"},"digest":{"length":268,"function_hash":"300478963168570331364040884393286397351"},"source":"https://github.com/jasper-software/jasper/commit/988f8365f7d8ad8073b6786e433d34c553ecf568","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","id":"CVE-2016-10249-b5b2aa64","target":{"file":"src/libjasper/base/jas_malloc.c"},"digest":{"line_hashes":["224728097634974464902147702675679673510","227679662129121746679273766097734534711","297876043422692014803926771248806648017","128844959535177949372273000816554496721","282867653870788863673869149389959335594","218169481852701438493356891934225779225","10944063086675199930821855458879307967","26187815982908386493510520381612832466"],"threshold":0.9},"source":"https://github.com/jasper-software/jasper/commit/988f8365f7d8ad8073b6786e433d34c553ecf568","signature_type":"Line"},{"deprecated":false,"signature_version":"v1","id":"CVE-2016-10249-eeb3cd3c","target":{"file":"src/libjasper/base/jas_seq.c"},"digest":{"line_hashes":["44323687333533617319453288928927361252","210302531567909090120930747627734342435","334590671142675082474223698543763095998","258279521105178228459056989138676469121","49451047680289029338474820356832621327","181351937152548624173973933771369711923","138696785231965673721718685731897860876","257706036048045309975110992950935290514","140679284528583326243928979501545445853","268221771023073486752551875176599356688","258572505434520516348566004854204540029","294342430429536547676291893321756856026","299669753658418825268661979562225213802","161125289038828544111129104458484422970","15882812099099494741192142950015689719","265521762874007337423000192320183174111","160839986862202076876568898342939773822","38014062894216826713984996018803786098","41239960370357698123881764134313518489","62944039980261900189158568577827797288","28262054680385894056278409879466471608","227204251966232434670100350774141092594","175751363467648750190859222830538514459","160839986862202076876568898342939773822","159317712119973861672055694226920808719","9721974707437936973997726115255104467","260898893156259557819223478899057526385","241945187954586627623367713838136367184","153140681974549216992849125026359082370"],"threshold":0.9},"source":"https://github.com/jasper-software/jasper/commit/988f8365f7d8ad8073b6786e433d34c553ecf568","signature_type":"Line"},{"deprecated":false,"signature_version":"v1","id":"CVE-2016-10249-f2d77cdc","target":{"file":"src/libjasper/base/jas_malloc.c","function":"jas_malloc"},"digest":{"length":219,"function_hash":"159357830609375727047627300561463677202"},"source":"https://github.com/jasper-software/jasper/commit/988f8365f7d8ad8073b6786e433d34c553ecf568","signature_type":"Function"},{"deprecated":false,"signature_version":"v1","id":"CVE-2016-10249-ff9fea05","target":{"file":"src/libjasper/base/jas_seq.c","function":"jas_matrix_create"},"digest":{"length":953,"function_hash":"277604512109896122372543693420945674317"},"source":"https://github.com/jasper-software/jasper/commit/988f8365f7d8ad8073b6786e433d34c553ecf568","signature_type":"Function"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10249.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}