FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

jasper -- buffer overflow

Affected packages
jasper < 1.900.1_12

Details

VuXML ID 8ff84335-a7da-11e2-b3f5-003067c2616f
Discovery 2011-12-09
Entry 2013-04-18

Fedora reports:

JasPer fails to properly decode marker segments and other sections in malformed JPEG2000 files. Malformed inputs can cause heap buffer overflows which in turn may result in execution of attacker-controlled code.

References

CVE Name CVE-2008-3520
CVE Name CVE-2008-3522
CVE Name CVE-2011-4516
CVE Name CVE-2011-4517
URL http://www.kb.cert.org/vuls/id/887409