The tcd_free_encode function in tcd.c in OpenJPEG 1.3 up to and including 1.5 allows remote malicious users to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile information in a Gray16 TIFF image, which causes insufficient memory to be allocated and leads to an "invalid free."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
uclouvain openjpeg 1.3 |
||
uclouvain openjpeg 1.4 |
||
uclouvain openjpeg 1.5 |