Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation.

More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3520)