CVE-2011-4517
jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409)
Severity Score
Exploit Likelihood
Affected Versions
15Public Exploits
0Exploited in Wild
-Decision
Descriptions
The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file.
La función jpc_crg_getparms de libjasper/jpc/jpc_cs.c de JasPer 1.900.1 utiliza un tipo de datos incorrecto durante un cálculo determinado de tamaño, lo que permite a atacantes remotos provocar un desbordamiento de buffer de memoria dinámica y ejecutar código arbitrario, o provocar una denegación de servicio (corrupción de memoria dinámica), a través de un archivo JPEG2000 mal formado.
A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 compressed image files. An attacker could create a malicious JPEG 2000 compressed image file that, when opened, would cause applications that use JasPer (such as Nautilus) to crash or, potentially, execute arbitrary code.
Red Hat Enterprise Virtualization Manager provides access to virtual machines using SPICE. These SPICE client packages provide the SPICE client and usbclerk service for both Windows 32-bit operating systems and Windows 64-bit operating systems. This update adds support for the TLS Fallback Signaling Cipher Suite Value, which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2011-11-22 CVE Reserved
- 2011-12-15 CVE Published
- 2024-10-21 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-122: Heap-based Buffer Overflow
- CWE-787: Out-of-bounds Write
CAPEC
References (20)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/77596 | Broken Link | |
| http://secunia.com/advisories/47193 | Not Applicable | |
| http://secunia.com/advisories/47306 | Not Applicable | |
| http://secunia.com/advisories/47353 | Not Applicable | |
| http://www-01.ibm.com/support/docview.wss?uid=swg21660640 | Broken Link | |
| http://www.kb.cert.org/vuls/id/887409 | Third Party Advisory |
|
| http://www.oracle.com/technetwork/topics/security/cpujan2... | Third Party Advisory |
|
| http://www.securityfocus.com/bid/50992 | Broken Link | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/71701 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|