RHSA-2015:0698High

Red Hat Security Advisory: rhevm-spice-client security, bug fix, and enhancement update

Published
March 18, 2015
Last Modified
June 27, 2026

🔗 CVE IDs covered (9)

📋 Description

CVE-2008-3520 — jasper: multiple integer overflows in jas_alloc calls CVE-2008-3522 — jasper: possible buffer overflow in jas_stream_printf() CVE-2011-4516 — jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409) CVE-2011-4517 — jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409) CVE-2014-8137 — jasper: double-free in in jas_iccattrval_destroy() (oCERT-2014-012) CVE-2014-8138 — jasper: heap overflow in jp2_decode() (oCERT-2014-012) CVE-2014-8157 — jasper: dec->numtiles off-by-one check in jpc_dec_process_sot() (oCERT-2015-001) CVE-2014-8158 — jasper: unrestricted stack memory use in jpc_qmfb.c (oCERT-2015-001) CVE-2014-9029 — jasper: incorrect component number check in COC, RGN and QCC marker segment decoders (oCERT-2014-009)

🔗 References (13)