CVE-2011-4516
published 2011-12-15CVE-2011-4516: Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code…
medium6.8CVSS 3.1
AVNACMAuNCPIPAP
Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| artifex | ghostscript | >= 0 < 8.64~dfsg-2 | 8.64~dfsg-2 |
| artifex | ghostscript | >= 0 < 8.64~dfsg-2 | 8.64~dfsg-2 |
| artifex | ghostscript | >= 0 < 8.64~dfsg-2 | 8.64~dfsg-2 |
| artifex | ghostscript | >= 0 < 8.64~dfsg-2 | 8.64~dfsg-2 |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | ghostscript | < ghostscript 8.64~dfsg-2 (bookworm) | ghostscript 8.64~dfsg-2 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| jasper_project | jasper | — | — |
| oracle | outside_in_technology | — | — |
| oracle | outside_in_technology | — | — |
| suse | linux_enterprise_desktop | — | — |
| suse | linux_enterprise_server | — | — |
| suse | linux_enterprise_software_development_kit | — | — |
CVSS provenance
nvd6.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
osv6.8MEDIUM