Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2011-4517

The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file.

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://bugzilla.redha...
CERT-VN: VU#887409
DEBIAN: DSA-2371
SECUNIA: 47306
SECUNIA: 47353
REDHAT: RHSA-2011:1811
CONFIRM: http://www.oracle.com/...
UBUNTU: USN-1315-1
REDHAT: RHSA-2011:1807
SUSE: openSUSE-SU-2011:1317
OSVDB: 77596
SECUNIA: 47193
FEDORA: FEDORA-2011-16955
FEDORA: FEDORA-2011-16966
CONFIRM: http://www-01.ibm.com/...
REDHAT: RHSA-2015:0698
BID: 50992
SLACKWARE: SSA:2015-302-02
XF: jasper-jpccrggetparms-...

Launchpad.net

CVE 2011-4517

Related bugs

References