Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score: 6.8
CVE Id: CVE-2011-4516
Last Modified: 23 Mar 2015 09:59:32
Published: 14 Dec 2011 10:57:34
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE

CVE-2011-4516

Summary

Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file.

Vulnerable Systems

Application

  • Jasper Project Jasper 1.900.1


References

CERT-VN - VU#887409

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=747726

DEBIAN - DSA-2371

SECUNIA - 47353

SECUNIA - 47306

REDHAT - RHSA-2011:1811

CONFIRM - http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html

UBUNTU - USN-1315-1

REDHAT - RHSA-2011:1807

SECUNIA - 47193

OSVDB - 77595

SUSE - openSUSE-SU-2011:1317

FEDORA - FEDORA-2011-16955

FEDORA - FEDORA-2011-16966

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21660640

REDHAT - RHSA-2015:0698

Related Patches

Red Hat 2011:1811-01 RHSA Important: netpbm security update for RHEL 4 x86

Red Hat 2011:1811-01 RHSA Important: netpbm security update for RHEL 5 x86

Red Hat 2011:1811-01 RHSA Important: netpbm security update for RHEL 5 x86_64

Red Hat 2011:1811-01 RHSA Important: netpbm security update for RHEL 4 x86_64

Novell SUSE 2011:5523 jasper security update for SLE 11 SP1 i586

Novell SUSE 2011:5523 jasper security update for SLE 11 SP1 x86_64

Novell SUSE 2011:7878 jasper security update for SLE 10 SP4 i586

Novell SUSE 2011:7878 jasper security update for SLE 10 SP4 x86_64


Last Updated: 27 May 2016 10:53:43