CVE-2011-4517

MEDIUM

Description

The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file.

References

http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071458.html

http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071561.html

http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00010.html

http://osvdb.org/77596

http://rhn.redhat.com/errata/RHSA-2015-0698.html

http://secunia.com/advisories/47193

http://secunia.com/advisories/47306

http://secunia.com/advisories/47353

http://www.debian.org/security/2011/dsa-2371

http://www.kb.cert.org/vuls/id/887409

http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html

http://www.redhat.com/support/errata/RHSA-2011-1807.html

http://www.redhat.com/support/errata/RHSA-2011-1811.html

http://www.securityfocus.com/bid/50992

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.538606

http://www.ubuntu.com/usn/USN-1315-1

http://www-01.ibm.com/support/docview.wss?uid=swg21660640

https://bugzilla.redhat.com/show_bug.cgi?id=747726

https://exchange.xforce.ibmcloud.com/vulnerabilities/71701

Details

Source: MITRE

Published: 2011-12-15

Updated: 2017-08-29

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

Tenable Plugins

View all (27 total)

ID	Name	Product	Family	Severity
94601	openSUSE Security Update : jasper (openSUSE-2016-1270)	Nessus	SuSE Local Security Checks	critical
86663	Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : jasper (SSA:2015-302-02)	Nessus	Slackware Local Security Checks	critical
81969	RHEL 6 : rhevm-spice-client (RHSA-2015:0698) (POODLE)	Nessus	Red Hat Local Security Checks	critical
80618	Oracle Solaris Third-Party Patch Update : ghostscript (multiple_denial_of_service_vulnerabilities7)	Nessus	Solaris Local Security Checks	medium
80068	Fedora 19 : mingw-jasper-1.900.1-24.fc19 (2014-17032)	Nessus	Fedora Local Security Checks	high
80067	Fedora 20 : mingw-jasper-1.900.1-24.fc20 (2014-17027)	Nessus	Fedora Local Security Checks	high
80066	Fedora 21 : mingw-jasper-1.900.1-24.fc21 (2014-16961)	Nessus	Fedora Local Security Checks	high
75869	openSUSE Security Update : jasper (openSUSE-SU-2011:1328-1)	Nessus	SuSE Local Security Checks	medium
75532	openSUSE Security Update : jasper (openSUSE-SU-2011:1328-1)	Nessus	SuSE Local Security Checks	medium
74535	openSUSE Security Update : jasper (openSUSE-2011-87)	Nessus	SuSE Local Security Checks	medium
68404	Oracle Linux 4 / 5 : netpbm (ELSA-2011-1811)	Nessus	Oracle Linux Local Security Checks	high
68403	Oracle Linux 6 : jasper (ELSA-2011-1807)	Nessus	Oracle Linux Local Security Checks	medium
66012	FreeBSD : jasper -- buffer overflow (8ff84335-a7da-11e2-b3f5-003067c2616f)	Nessus	FreeBSD Local Security Checks	critical
58514	Symantec Enterprise Vault / Oracle Outside In Multiple Vulnerabilities (SYM12-004)	Nessus	Windows	medium
57652	GLSA-201201-10 : JasPer: User-assisted execution of arbitrary code	Nessus	Gentoo Local Security Checks	medium
57511	Debian DSA-2371-1 : jasper - buffer overflows	Nessus	Debian Local Security Checks	medium
57436	Ubuntu 8.04 LTS / 10.04 LTS / 10.10 : ghostscript vulnerabilities (USN-1317-1)	Nessus	Ubuntu Local Security Checks	critical
57417	Fedora 16 : jasper-1.900.1-18.fc16 (2011-16966)	Nessus	Fedora Local Security Checks	medium
57416	Fedora 15 : jasper-1.900.1-18.fc15 (2011-16955)	Nessus	Fedora Local Security Checks	medium
57378	CentOS 6 : jasper (CESA-2011:1807)	Nessus	CentOS Local Security Checks	medium
57357	Ubuntu 10.04 LTS / 10.10 / 11.04 / 11.10 : jasper vulnerabilities (USN-1315-1)	Nessus	Ubuntu Local Security Checks	medium
57331	Mandriva Linux Security Advisory : jasper (MDVSA-2011:189)	Nessus	Mandriva Local Security Checks	medium
57313	SuSE 10 Security Update : jasper (ZYPP Patch Number 7878)	Nessus	SuSE Local Security Checks	medium
57140	CentOS 4 / 5 : netpbm (CESA-2011:1811)	Nessus	CentOS Local Security Checks	high
57108	SuSE 11.1 Security Update : jasper (SAT Patch Number 5523)	Nessus	SuSE Local Security Checks	medium
57081	RHEL 4 / 5 : netpbm (RHSA-2011:1811)	Nessus	Red Hat Local Security Checks	high
57054	RHEL 6 : jasper (RHSA-2011:1807)	Nessus	Red Hat Local Security Checks	medium