Bug 747726 (CVE-2011-4516, CVE-2011-4517)
| Summary: | CVE-2011-4516 CVE-2011-4517 jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409) | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Vincent Danen <vdanen> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | amaris, huzaifas, isenfeld, jnovy, jpopelka, mhradile, security-response-team |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | jasper 1.900.5 | Doc Type: | Bug Fix |
| Doc Text: |
A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 compressed image files. An attacker could create a malicious JPEG 2000 compressed image file that, when opened, would cause applications that use JasPer (such as Nautilus) to crash or, potentially, execute arbitrary code.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-08-10 17:30:07 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 749149, 749150, 760848, 760849, 760850, 765660, 765661, 765662, 765663, 765664 | ||
| Bug Blocks: | 747729, 1167538, 1314477 | ||
|
Description
Vincent Danen
2011-10-20 20:51:31 UTC
There are two overflows here, and they have been assigned the names CVE-2011-4516 and CVE-2011-4517. Acknowledgements: Red Hat would like to thank Jonathan Foote of the CERT Coordination Center for reporting this issue. This issue affects the version of jasper package as shipped with Red Hat Enterprise Linux 6. This issue affects the version of netpbm package as shipped with Red Hat Enterprise Linux 4 and 5. Created mingw32-jasper tracking bugs for this issue Affects: epel-5 [bug 765663] Affects: fedora-all [bug 765664] Created jasper tracking bugs for this issue Affects: fedora-all [bug 765660] Affects: epel-4 [bug 765661] Affects: epel-5 [bug 765662] This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2011:1807 https://rhn.redhat.com/errata/RHSA-2011-1807.html This issue has been addressed in following products: Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 Via RHSA-2011:1811 https://rhn.redhat.com/errata/RHSA-2011-1811.html jasper-1.900.1-18.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report. jasper-1.900.1-14.el4 has been pushed to the Fedora EPEL 4 stable repository. If problems still persist, please make note of it in this bug report. jasper-1.900.1-14.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report. jasper-1.900.1-18.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report. This issue has been addressed in the following products: RHEV Manager version 3.5 Via RHSA-2015:0698 https://rhn.redhat.com/errata/RHSA-2015-0698.html Fixed upstream in version 1.900.5: https://github.com/mdadams/jasper/commit/0d22460816ea58e74a124158fa6cc48efb709a47 *** Bug 1388863 has been marked as a duplicate of this bug. *** *** Bug 1388864 has been marked as a duplicate of this bug. *** |