JasPer fails to properly decode marker segments and other
sections in malformed JPEG2000 files. Malformed inputs can
cause heap buffer overflows which in turn may result in
execution of attacker-controlled code.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchjasper< 1.900.1_12UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	jasper	< 1.900.1_12	UNKNOWN

References

www.kb.cert.org/vuls/id/887409

nessus 51

openvas 73

ubuntu 3

suse 3

fedora 7

oraclelinux 3

securityvulns 6

gentoo 2

cert 1

redhat 4

debian 2

centos 3

slackware 1

veracode 3

archlinux 1

ubuntucve 5

debiancve 4

checkpoint_advisories 3

prion 7

cve 7

amazon 1

redhatcve 2

osv 1

oracle 1

nessus

FreeBSD : jasper -- buffer overflow (8ff84335-a7da-11e2-b3f5-003067c2616f)

2013-04-18 00:00:00

Ubuntu 8.04 LTS / 10.04 LTS / 10.10 : ghostscript vulnerabilities (USN-1317-1)

2012-01-05 00:00:00

GLSA-201201-10 : JasPer: User-assisted execution of arbitrary code

2012-01-24 00:00:00

openvas

Ubuntu Update for ghostscript USN-1317-1

2012-01-09 00:00:00

Ubuntu: Security Advisory (USN-1317-1)

2012-01-09 00:00:00

RedHat Update for jasper RHSA-2011:1807-01

2012-07-09 00:00:00

ubuntu

Ghostscript vulnerabilities

2012-01-04 00:00:00

JasPer vulnerabilities

2011-12-20 00:00:00

JasPer vulnerabilities

2009-03-19 00:00:00

suse

Security update for jasper (important)

2011-12-14 19:08:30

Security update for jasper (important)

2011-12-12 02:08:33

jasper (important)

2011-12-16 13:08:23

fedora

[SECURITY] Fedora 15 Update: jasper-1.900.1-18.fc15

2012-01-02 21:52:41

[SECURITY] Fedora 16 Update: jasper-1.900.1-18.fc16

2011-12-30 22:53:37

[SECURITY] Fedora 11 Update: jasper-1.900.1-13.fc11

2009-10-27 06:43:29

oraclelinux

jasper security update

2011-12-14 00:00:00

netpbm security update

2011-12-12 00:00:00

netpbm security update

2009-02-11 00:00:00

securityvulns

JasPer library security vulnerabilities

2011-12-19 00:00:00

[ GLSA 200812-18 ] JasPer: User-assisted execution of arbitrary code

2008-12-17 00:00:00

Jasper library multiplesecurity vulnerabilities

2009-03-20 00:00:00

gentoo

JasPer: User-assisted execution of arbitrary code

2012-01-23 00:00:00

JasPer: User-assisted execution of arbitrary code

2008-12-16 00:00:00

cert

JasPer memory corruption vulnerabilities

2011-12-08 00:00:00

redhat

(RHSA-2011:1807) Important: jasper security update

2011-12-09 00:00:00

(RHSA-2011:1811) Important: netpbm security update

2011-12-12 00:00:00

(RHSA-2015:0698) Important: rhevm-spice-client security, bug fix, and enhancement update

2015-03-18 00:00:00

debian

[SECURITY] [DSA 2371-1] jasper security update

2011-12-24 15:51:21

[SECURITY] [DSA 2080-1] New ghostscript packages fix several vulnerabilities

2010-08-01 01:24:55

centos

jasper security update

2011-12-22 15:46:17

netpbm security update

2011-12-12 22:16:22

netpbm security update

2009-02-11 19:31:04

slackware

[slackware-security] jasper

2015-10-29 22:48:48

veracode

Memory Corruption

2019-05-02 04:40:58

Denial Of Service (DoS) Or Remote Code Execution (RCE)

2019-05-02 04:40:58

Arbitrary Code Execution

2020-04-10 00:34:17

archlinux

jasper: arbitrary code execution

2014-12-19 00:00:00

ubuntucve

CVE-2011-4516

2011-12-14 00:00:00

CVE-2011-4517

2011-12-14 00:00:00

CVE-2008-3522

2008-10-02 00:00:00

debiancve

CVE-2011-4516

2011-12-15 03:57:00

CVE-2008-3522

2008-10-02 18:18:00

CVE-2011-4517

2011-12-15 03:57:00

checkpoint_advisories

Oracle Outside In JPEG 2000 COD and COC Parameter Heap Buffer Overflow (CVE-2011-4516)

2012-08-27 00:00:00

Oracle Outside In JPEG 2000 Parameter Heap Buffer Overflow (CVE-2011-4516)

2012-12-13 00:00:00

Oracle Outside In JPEG 2000 CRG Segment Processing Heap Buffer Overflow (CVE-2011-4517)

2012-10-14 00:00:00

prion

Heap overflow

2011-12-15 03:57:00

Buffer overflow

2008-10-02 18:18:00

Heap overflow

2011-12-15 03:57:00

cve

CVE-2011-4516

2011-12-15 03:57:00

CVE-2011-4517

2011-12-15 03:57:00

CVE-2008-3522

2008-10-02 18:18:00

amazon

Important: jasper

2011-12-12 13:45:00

redhatcve

CVE-2016-8881

2016-10-26 11:15:47

CVE-2016-8880

2016-10-26 10:47:53

osv

ghostscript - several vulnerabilities

2010-08-01 00:00:00

oracle

Oracle Critical Patch Update - January 2012

2012-01-17 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.172 Low

EPSS

Percentile

96.0%

JSON

Related for 8FF84335-A7DA-11E2-B3F5-003067C2616F