exploit the possibilities

Mandriva Linux Security Advisory 2011-189

Mandriva Linux Security Advisory 2011-189
Posted Dec 16, 2011
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2011-189 - Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted numrlvls value in a JPEG2000 file. The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a malformed JPEG2000 file. The updated packages have been patched to correct these issues.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2011-4516, CVE-2011-4517
MD5 | 5cbc32a5ba30f3811dbc16ac8f4fb577

Mandriva Linux Security Advisory 2011-189

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2011:189
http://www.mandriva.com/security/
_______________________________________________________________________

Package : jasper
Date : December 16, 2011
Affected: 2010.1, 2011., Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities has been discovered and corrected in jasper:

Heap-based buffer overflow in the jpc_cox_getcompparms function in
libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to
execute arbitrary code or cause a denial of service (memory corruption)
via a crafted numrlvls value in a JPEG2000 file (CVE-2011-4516).

The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer
1.900.1 uses an incorrect data type during a certain size calculation,
which allows remote attackers to trigger a heap-based buffer overflow
and execute arbitrary code, or cause a denial of service (heap memory
corruption), via a malformed JPEG2000 file (CVE-2011-4517).

The updated packages have been patched to correct these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2010.1:
e494dad90e889530c86071f3ffdc2144 2010.1/i586/jasper-1.900.1-12.1mdv2010.2.i586.rpm
b2b08a6ecacf2d26d032b1e65ebf390d 2010.1/i586/libjasper1-1.900.1-12.1mdv2010.2.i586.rpm
71a43faf4f98f4c8220c377691fc6d7c 2010.1/i586/libjasper-devel-1.900.1-12.1mdv2010.2.i586.rpm
002cc21e456874c4927eb0d87c946b98 2010.1/i586/libjasper-static-devel-1.900.1-12.1mdv2010.2.i586.rpm
1cda18f770486d728dc15efdcecc177d 2010.1/SRPMS/jasper-1.900.1-12.1mdv2010.2.src.rpm

Mandriva Linux 2010.1/X86_64:
420fb525b80f6921f36a5bdf89e7163e 2010.1/x86_64/jasper-1.900.1-12.1mdv2010.2.x86_64.rpm
9ecae54e76c3e3320ba1837d623c0fbf 2010.1/x86_64/lib64jasper1-1.900.1-12.1mdv2010.2.x86_64.rpm
8f8690f72954f4d33e14b5a61dab39af 2010.1/x86_64/lib64jasper-devel-1.900.1-12.1mdv2010.2.x86_64.rpm
f08f66c77a6bd13aa9e1d642bd38a756 2010.1/x86_64/lib64jasper-static-devel-1.900.1-12.1mdv2010.2.x86_64.rpm
1cda18f770486d728dc15efdcecc177d 2010.1/SRPMS/jasper-1.900.1-12.1mdv2010.2.src.rpm

Mandriva Linux 2011:
2ca7cc26dc24d01d159200db795c4f62 2011/i586/jasper-1.900.1-12.1-mdv2011.0.i586.rpm
25681b4aeccde3e9b85b4f565870853f 2011/i586/libjasper1-1.900.1-12.1-mdv2011.0.i586.rpm
fc559da2f2ed5264c7ca37fe313f5979 2011/i586/libjasper-devel-1.900.1-12.1-mdv2011.0.i586.rpm
81cf761c980e151a2a804f1fad5be109 2011/i586/libjasper-static-devel-1.900.1-12.1-mdv2011.0.i586.rpm
e2bbe335c556a330f7993c6119c8d6cc 2011/SRPMS/jasper-1.900.1-12.1.src.rpm

Mandriva Linux 2011/X86_64:
136e4a0960f038fb1d043afc146260ff 2011/x86_64/jasper-1.900.1-12.1-mdv2011.0.x86_64.rpm
bcf658437206939760149448524eceb9 2011/x86_64/lib64jasper1-1.900.1-12.1-mdv2011.0.x86_64.rpm
72d5f142060403ca344c2f0311258381 2011/x86_64/lib64jasper-devel-1.900.1-12.1-mdv2011.0.x86_64.rpm
d8b8311ec34971e7908c1b2bccb671c9 2011/x86_64/lib64jasper-static-devel-1.900.1-12.1-mdv2011.0.x86_64.rpm
e2bbe335c556a330f7993c6119c8d6cc 2011/SRPMS/jasper-1.900.1-12.1.src.rpm

Mandriva Enterprise Server 5:
8bf49dec9c4e4890e3e989ff8fc3bb19 mes5/i586/jasper-1.900.1-4.3mdvmes5.2.i586.rpm
bccebb05fb7594cae930ba03ee527039 mes5/i586/libjasper1-1.900.1-4.3mdvmes5.2.i586.rpm
35b631ab6c5f153c1e2d273142d385f3 mes5/i586/libjasper1-devel-1.900.1-4.3mdvmes5.2.i586.rpm
c01ebaa0319a5bd480a69f3f7d84f35a mes5/i586/libjasper1-static-devel-1.900.1-4.3mdvmes5.2.i586.rpm
8da90dd5afaeb2aaf09daad2f97d83ab mes5/SRPMS/jasper-1.900.1-4.3mdvmes5.2.src.rpm

Mandriva Enterprise Server 5/X86_64:
8c1aed6122fa87a6341ef2d8282f4390 mes5/x86_64/jasper-1.900.1-4.3mdvmes5.2.x86_64.rpm
83d3051efaa4e26793bea89775e2d461 mes5/x86_64/lib64jasper1-1.900.1-4.3mdvmes5.2.x86_64.rpm
9f7ed89204edddde7b443e7fac61fe2b mes5/x86_64/lib64jasper1-devel-1.900.1-4.3mdvmes5.2.x86_64.rpm
41d45d8a0ca083a26eed5b213cfd7a79 mes5/x86_64/lib64jasper1-static-devel-1.900.1-4.3mdvmes5.2.x86_64.rpm
8da90dd5afaeb2aaf09daad2f97d83ab mes5/SRPMS/jasper-1.900.1-4.3mdvmes5.2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iD8DBQFO6x1nmqjQ0CJFipgRAkhTAJ0bHHUFiodH4z69bX/yKE68Vq3+JQCdEPQm
cE1/h3Xv/zQWnadBoHy4OcY=
=DYuC
-----END PGP SIGNATURE-----

Comments

RSS Feed Subscribe to this comment feed

No comments yet, be the first!

Login or Register to post a comment

File Archive:

October 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    24 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    7 Files
  • 4
    Oct 4th
    4 Files
  • 5
    Oct 5th
    10 Files
  • 6
    Oct 6th
    1 Files
  • 7
    Oct 7th
    21 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    5 Files
  • 10
    Oct 10th
    20 Files
  • 11
    Oct 11th
    17 Files
  • 12
    Oct 12th
    4 Files
  • 13
    Oct 13th
    4 Files
  • 14
    Oct 14th
    15 Files
  • 15
    Oct 15th
    19 Files
  • 16
    Oct 16th
    25 Files
  • 17
    Oct 17th
    17 Files
  • 18
    Oct 18th
    7 Files
  • 19
    Oct 19th
    1 Files
  • 20
    Oct 20th
    3 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    9 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close