The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:1208 advisory.

    JasPer is an implementation of Part 1 of the JPEG 2000 image compression standard.

    Security Fix(es):

    Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could     cause an application using JasPer to crash or, possibly, execute arbitrary code. (CVE-2016-8654,     CVE-2016-9560, CVE-2016-10249, CVE-2015-5203, CVE-2015-5221, CVE-2016-1577, CVE-2016-8690, CVE-2016-8693,     CVE-2016-8884, CVE-2016-8885, CVE-2016-9262, CVE-2016-9591)

    Multiple flaws were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could     cause an application using JasPer to crash. (CVE-2016-1867, CVE-2016-2089, CVE-2016-2116, CVE-2016-8691,     CVE-2016-8692, CVE-2016-8883, CVE-2016-9387, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391,     CVE-2016-9392, CVE-2016-9393, CVE-2016-9394, CVE-2016-9583, CVE-2016-9600, CVE-2016-10248, CVE-2016-10251)

    Red Hat would like to thank Liu Bingchang (IIE) for reporting CVE-2016-8654, CVE-2016-9583, CVE-2016-9591,     and CVE-2016-9600; Gustavo Grieco for reporting CVE-2015-5203; and Josselin Feist for reporting     CVE-2015-5221.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

RHEL 6 / 7 : jasper (RHSA-2017:1208)

high Nessus Plugin ID 100093

Version 3.12