OpenJPEG 'bin/jp2/convert.c' Remote Stack Based Buffer Overflow Vulnerability

OpenJPEG is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Attackers can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely cause denial-of-service conditions.

OpenJPEG 2.2.0 is vulnerable; prior versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus