GLSA-200812-18 : JasPer: User-assisted execution of arbitrary code
Critical Nessus Plugin ID 35189
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-200812-18 (JasPer: User-assisted execution of arbitrary code)
Marc Espie and Christian Weisgerber have discovered multiple vulnerabilities in JasPer:
Multiple integer overflows might allow for insufficient memory allocation, leading to heap-based buffer overflows (CVE-2008-3520).
The jas_stream_printf() function in libjasper/base/jas_stream.c uses vsprintf() to write user-provided data to a static to a buffer, leading to an overflow (CVE-2008-3522).
Remote attackers could entice a user or automated system to process specially crafted jpeg2k files with an application using JasPer, possibly leading to the execution of arbitrary code.
There is no known workaround at this time.
SolutionAll JasPer users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=media-libs/jasper-1.900.1-r3'