Apple Mac OS X ImageIO JPEG2000 Handling Remote Code Execution Vulnerability

Apple Mac OS X ImageIO JPEG2000 Handling Remote Code Execution Vulnerability

Apple Mac OS X is prone to a vulnerability that lets attackers run arbitrary code because the ImageIO component fails to properly handle certain image files.

Successful exploits will allow an attacker to run arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

This issue affects Mac OS X 10.4.11, Mac OS X Server 10.4.11, Mac OS X 10.5 - 10.5.2, and Mac OS X Server 10.5 - 10.5.2.

NOTE: This issue was previously covered in BID 29412 (Apple Mac OS X 2008-003 Multiple Security Vulnerabilities) but has been given its own record to better document the vulnerability.