CVE-2008-3522

Description

Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via vectors related to the mif_hdr_put function and use of vsprintf.

How to fix CVE-2008-3522

To remediate CVE-2008-3522, upgrade the affected package to a fixed version below.

• Debian/ghostscript—upgrade to 8.64~dfsg-2 or later

Is CVE-2008-3522 being exploited?

Low — EPSS is 4.3%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 8.64~dfsg-2

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2008-3522