Integer overflow in the opjpicreate_decode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libopenjpip-dec-server-dbgsym": "2.1.0-2.1ubuntu0.1", "libopenjp2-tools": "2.1.0-2.1ubuntu0.1", "libopenjpip7": "2.1.0-2.1ubuntu0.1", "libopenjp2-7-dev-dbgsym": "2.1.0-2.1ubuntu0.1", "libopenjp2-7": "2.1.0-2.1ubuntu0.1", "libopenjp2-tools-dbgsym": "2.1.0-2.1ubuntu0.1", "libopenjp2-7-dbg": "2.1.0-2.1ubuntu0.1", "libopenjpip-server": "2.1.0-2.1ubuntu0.1", "libopenjp2-7-dev": "2.1.0-2.1ubuntu0.1", "libopenjpip-server-dbgsym": "2.1.0-2.1ubuntu0.1", "libopenjp3d7-dbgsym": "2.1.0-2.1ubuntu0.1", "libopenjp3d7": "2.1.0-2.1ubuntu0.1", "libopenjp2-7-dbgsym": "2.1.0-2.1ubuntu0.1", "libopenjp3d-tools-dbgsym": "2.1.0-2.1ubuntu0.1", "libopenjpip7-dbgsym": "2.1.0-2.1ubuntu0.1", "libopenjpip-dec-server": "2.1.0-2.1ubuntu0.1", "libopenjp3d-tools": "2.1.0-2.1ubuntu0.1", "libopenjpip-viewer": "2.1.0-2.1ubuntu0.1" } ] }