CVE-2011-4516 ghostscript

Metadata

medium
6.8
ghostscript
CVE-2011-4516
2017-06-18 07:14
ALAS-2011-29
Important CentOS netpbm Update
CVE-2011-4516 jasper
CVE-2011-4516
2017-06-16 18:58
2017-04-01 19:16
2017-01-05 20:28

Description

Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file.

Am I vulnerable?

The constraints below list the versions that this vulnerability is patched in, and versions that are unaffected. If a patch is ready but unrealeased, then it is pending.

Or, you can just let us figure it out for you! Appcanary continously monitor your installed packages, and tell you if any of them are vulnerable.

Sign up for monitoring

Affected package information

Release Package Patched in
buster ghostscript 8.64~dfsg-2
jessie ghostscript 8.64~dfsg-2
sid ghostscript 8.64~dfsg-2
stretch ghostscript 8.64~dfsg-2
wheezy ghostscript 8.64~dfsg-2