Bug 747726 - (CVE-2011-4516, CVE-2011-4517) CVE-2011-4516 CVE-2011-4517 jasper: heap buffer overflow flaws lead to arbitrary code execution (CERT VU#887409)
CVE-2011-4516 CVE-2011-4517 jasper: heap buffer overflow flaws lead to arbitr...
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
high Severity high
: ---
: ---
Assigned To: Red Hat Product Security
impact=important,public=20111208,repo...
: Security
Depends On: 749149 749150 760848 760849 760850 765660 765661 765662 765663 765664
Blocks: 747729 1167538
  Show dependency treegraph
 
Reported: 2011-10-20 16:51 EDT by Vincent Danen
Modified: 2016-03-04 07:47 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
A heap-based buffer overflow flaw was found in the way JasPer decoded JPEG 2000 compressed image files. An attacker could create a malicious JPEG 2000 compressed image file that, when opened, would cause applications that use JasPer (such as Nautilus) to crash or, potentially, execute arbitrary code.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-08-10 13:30:07 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Vincent Danen 2011-10-20 16:51:31 EDT
A number of vulnerabilities were found and reported by CERT in JasPer which may allow a remote unauthenticated attacker to execute arbitrary code.

Reference:
http://www.kb.cert.org/vuls/id/887409
Comment 17 Vincent Danen 2011-12-05 17:52:53 EST
There are two overflows here, and they have been assigned the names CVE-2011-4516 and CVE-2011-4517.
Comment 18 Vincent Danen 2011-12-05 18:02:12 EST
Acknowledgements:

Red Hat would like to thank Jonathan Foote of the CERT Coordination Center for reporting this issue.
Comment 19 Huzaifa S. Sidhpurwala 2011-12-07 01:17:47 EST
This issue affects the version of jasper package as shipped with Red Hat Enterprise Linux 6.

This issue affects the version of netpbm package as shipped with Red Hat Enterprise Linux 4 and 5.
Comment 22 Huzaifa S. Sidhpurwala 2011-12-08 22:35:53 EST
Created mingw32-jasper tracking bugs for this issue

Affects: epel-5 [bug 765663]
Affects: fedora-all [bug 765664]
Comment 23 Huzaifa S. Sidhpurwala 2011-12-08 22:35:57 EST
Created jasper tracking bugs for this issue

Affects: fedora-all [bug 765660]
Affects: epel-4 [bug 765661]
Affects: epel-5 [bug 765662]
Comment 24 errata-xmlrpc 2011-12-09 00:35:48 EST
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2011:1807 https://rhn.redhat.com/errata/RHSA-2011-1807.html
Comment 25 errata-xmlrpc 2011-12-12 16:08:36 EST
This issue has been addressed in following products:

  Red Hat Enterprise Linux 4
  Red Hat Enterprise Linux 5

Via RHSA-2011:1811 https://rhn.redhat.com/errata/RHSA-2011-1811.html
Comment 26 Fedora Update System 2011-12-30 17:53:26 EST
jasper-1.900.1-18.fc16 has been pushed to the Fedora 16 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 27 Fedora Update System 2012-01-02 14:53:25 EST
jasper-1.900.1-14.el4 has been pushed to the Fedora EPEL 4 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 28 Fedora Update System 2012-01-02 14:54:09 EST
jasper-1.900.1-14.el5 has been pushed to the Fedora EPEL 5 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 29 Fedora Update System 2012-01-02 16:52:26 EST
jasper-1.900.1-18.fc15 has been pushed to the Fedora 15 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 30 errata-xmlrpc 2015-03-18 08:12:26 EDT
This issue has been addressed in the following products:

  RHEV Manager version 3.5

Via RHSA-2015:0698 https://rhn.redhat.com/errata/RHSA-2015-0698.html

Note You need to log in before you can comment on or make changes to this bug.