The JPEG 2000 codec (jp2.c) in OpenJPEG prior to 1.5 allows remote malicious users to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, aka "out-of heap-based buffer write."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
uclouvain openjpeg |
||
uclouvain openjpeg 1.3 |