CVE-2011-4516

EPSS 47.8%

jasper - buffer overflows

Published: 12/15/2011Modified: 4/28/2026

Description

Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file.

Affected packages (2)

Debian/ghostscriptfrom 0, < 8.64~dfsg-2
Debian/jasperfrom 0, < 1.900.1-7+squeeze1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-4516