View at Official ubuntu advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2011-4516 medium priority: Ubuntu including 3 source packages (ghostscript, jasper, netpbm-free), 18 status rows across 6 suites (hardy, lucid, maverick, natty, oneiric, upstream): not-affected 7, released 7, needs-triage 3, ignored 1.
Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file.