Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file.
History
21 Nov 2024, 01:32
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071458.html - Mailing List, Third Party Advisory | |
References | () http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071561.html - Mailing List, Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00010.html - Mailing List, Third Party Advisory | |
References | () http://osvdb.org/77595 - Broken Link | |
References | () http://rhn.redhat.com/errata/RHSA-2015-0698.html - Third Party Advisory | |
References | () http://secunia.com/advisories/47193 - Not Applicable | |
References | () http://secunia.com/advisories/47306 - Not Applicable | |
References | () http://secunia.com/advisories/47353 - Not Applicable | |
References | () http://www-01.ibm.com/support/docview.wss?uid=swg21660640 - Broken Link | |
References | () http://www.debian.org/security/2011/dsa-2371 - Third Party Advisory | |
References | () http://www.kb.cert.org/vuls/id/887409 - Third Party Advisory, US Government Resource | |
References | () http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html - Third Party Advisory | |
References | () http://www.redhat.com/support/errata/RHSA-2011-1807.html - Not Applicable | |
References | () http://www.redhat.com/support/errata/RHSA-2011-1811.html - Not Applicable, Third Party Advisory | |
References | () http://www.securityfocus.com/bid/50992 - Third Party Advisory, VDB Entry | |
References | () http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606 - Release Notes | |
References | () http://www.ubuntu.com/usn/USN-1315-1 - Third Party Advisory | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=747726 - Issue Tracking |
20 Dec 2023, 18:29
Type | Values Removed | Values Added |
---|---|---|
References | (SECUNIA) http://secunia.com/advisories/47306 - Not Applicable | |
References | (CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=747726 - Issue Tracking | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00010.html - Mailing List, Third Party Advisory | |
References | (CERT-VN) http://www.kb.cert.org/vuls/id/887409 - Third Party Advisory, US Government Resource | |
References | (UBUNTU) http://www.ubuntu.com/usn/USN-1315-1 - Third Party Advisory | |
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2011-1811.html - Not Applicable, Third Party Advisory | |
References | (REDHAT) http://rhn.redhat.com/errata/RHSA-2015-0698.html - Third Party Advisory | |
References | (CONFIRM) http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html - Third Party Advisory | |
References | (OSVDB) http://osvdb.org/77595 - Broken Link | |
References | (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071561.html - Mailing List, Third Party Advisory | |
References | (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071458.html - Mailing List, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/47193 - Not Applicable | |
References | (CONFIRM) http://www-01.ibm.com/support/docview.wss?uid=swg21660640 - Broken Link | |
References | (SLACKWARE) http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606 - Release Notes | |
References | (DEBIAN) http://www.debian.org/security/2011/dsa-2371 - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/47353 - Not Applicable | |
References | (BID) http://www.securityfocus.com/bid/50992 - Third Party Advisory, VDB Entry | |
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2011-1807.html - Not Applicable | |
CWE | CWE-787 | |
First Time | Suse linux Enterprise Desktop, Debian debian Linux, Suse, Suse linux Enterprise Server, Canonical ubuntu Linux, Debian, Oracle outside In Technology, Oracle, Canonical, Suse linux Enterprise Software Development Kit, Fedoraproject, Fedoraproject fedora | |
CPE | cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:* cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp1:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:* cpe:2.3:a:oracle:outside_in_technology:8.3.7:*:*:*:*:*:*:* cpe:2.3:a:oracle:outside_in_technology:8.3.5:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:vmware:*:* cpe:2.3:o:suse:linux_enterprise_desktop:11:sp1:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:-:*:* cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:* |
Information
Published : 2011-12-15 03:57
Updated : 2025-04-11 00:51
NVD link : CVE-2011-4516
Mitre link : CVE-2011-4516
CVE.ORG link : CVE-2011-4516
Products Affected
jasper_project
- jasper
debian
- debian_linux
suse
- linux_enterprise_software_development_kit
- linux_enterprise_server
- linux_enterprise_desktop
canonical
- ubuntu_linux
fedoraproject
- fedora
oracle
- outside_in_technology
CWE
CWE-787
Out-of-bounds Write