CVE-2011-4516

Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file.

Published: Dec 15, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-4516
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

Affected Software
References

Software	From	Fixed in
jasper_project / jasper	1.900.1	1.900.1.x
suse / linux_enterprise_server	11-sp1	11-sp1.x
fedoraproject / fedora	16	16.x
canonical / ubuntu_linux	10.10	10.10.x
suse / linux_enterprise_desktop	11-sp1	11-sp1.x
canonical / ubuntu_linux	11.04	11.04.x
canonical / ubuntu_linux	11.10	11.10.x
debian / debian_linux	6.0	6.0.x
fedoraproject / fedora	15	15.x
canonical / ubuntu_linux	10.04	10.04.x
suse / linux_enterprise_software_development_kit	11-sp1	11-sp1.x
oracle / outside_in_technology	8.3.5	8.3.5.x
oracle / outside_in_technology	8.3.7	8.3.7.x

Vulnerability Database

289,689

CVE-2011-4516