CVE-2015-5203 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.5 MEDIUM	LOCAL	LOW	NONE	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
redhat	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 46%

Vendor	Product	Version
opensuse	leap	42.2
opensuse	opensuse	13.1
opensuse	opensuse	13.2
opensuse_project	leap	42.1
jasper_project	jasper	1.900.17

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

jasper

bionic	dne
artful	dne
zesty	dne
yakkety	ignored
xenial	Fixed 1.900.1-debian1-2.4ubuntu1.2 released
wily	ignored
vivid	ignored
trusty	Fixed 1.900.1-14ubuntu3.5 released
precise	ignored

Common Weakness Enumeration

CWE-415 - Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References

http://lists.opensuse.org/opensuse-updates/2016-11/msg00010.html

http://lists.opensuse.org/opensuse-updates/2016-11/msg00018.html

http://lists.opensuse.org/opensuse-updates/2016-11/msg00064.html

http://www.openwall.com/lists/oss-security/2015/08/16/2

https://access.redhat.com/errata/RHSA-2017:1208

https://bugzilla.redhat.com/show_bug.cgi?id=1254242

https://lists.debian.org/debian-lts-announce/2018/11/msg00023.html

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QIZNTZDXOJR5BTRZKCS3GVHVZV2PWHH/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AXWV22WGSQFDRPE7G6ECGP3QXS2V2A2M/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UNLVBZWDEXZCFWOBZ3YVEQINMRBRX5QV/

https://security.gentoo.org/glsa/201707-07

https://usn.ubuntu.com/3693-1/

http://lists.opensuse.org/opensuse-updates/2016-11/msg00010.html

http://lists.opensuse.org/opensuse-updates/2016-11/msg00018.html

http://lists.opensuse.org/opensuse-updates/2016-11/msg00064.html

http://www.openwall.com/lists/oss-security/2015/08/16/2

https://access.redhat.com/errata/RHSA-2017:1208

https://bugzilla.redhat.com/show_bug.cgi?id=1254242

https://lists.debian.org/debian-lts-announce/2018/11/msg00023.html

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QIZNTZDXOJR5BTRZKCS3GVHVZV2PWHH/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AXWV22WGSQFDRPE7G6ECGP3QXS2V2A2M/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UNLVBZWDEXZCFWOBZ3YVEQINMRBRX5QV/

https://security.gentoo.org/glsa/201707-07

https://usn.ubuntu.com/3693-1/