Your submission was sent successfully! Close

CVE-2011-4516

Published: 14 December 2011

Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file.

Notes

AuthorNote
jdstrand
test images can be found at http://www.ece.uvic.ca/~frodo/jasper/
mdeslaur
ghostscript has embedded jasper in maverick and older
Debian's netpbm-free doesn't contain jasper
Priority

Medium

Status

Package Release Status
ghostscript
Launchpad, Ubuntu, Debian
hardy
Released (8.61.dfsg.1-1ubuntu3.4)
lucid
Released (8.71.dfsg.1-0ubuntu5.4)
maverick
Released (8.71.dfsg.2-0ubuntu7.1)
natty Not vulnerable
(uses system jasper)
oneiric Not vulnerable
(uses system jasper)
upstream Needs triage

jasper
Launchpad, Ubuntu, Debian
hardy Ignored
(reached end-of-life)
lucid
Released (1.900.1-7ubuntu0.10.04.1)
maverick
Released (1.900.1-7ubuntu0.10.10.1)
natty
Released (1.900.1-7ubuntu2.11.04.1)
oneiric
Released (1.900.1-7ubuntu2.11.10.1)
upstream Needs triage

Patches:
vendor: https://rhn.redhat.com/errata/RHSA-2011-1807.html

netpbm-free
Launchpad, Ubuntu, Debian
hardy Not vulnerable
(code not present)
lucid Not vulnerable
(code not present)
maverick Not vulnerable
(code not present)
natty Not vulnerable
(code not present)
oneiric Not vulnerable
(code not present)
upstream Needs triage

Patches:

vendor: https://rhn.redhat.com/errata/RHSA-2011-1811.html