JPEG 2000 Codec Remote Code Execution Vulnerability

JPEG 2000 Codec Remote Code Execution Vulnerability

CVE-2012-1499 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

The JPEG 2000 codec (jp2.c) in OpenJPEG before 1.5 allows remote attackers to execute arbitrary code via a crafted palette index in a CMAP record of a JPEG image, which triggers memory corruption, aka "out-of heap-based buffer write."

Learn more about our Web Application Penetration Testing UK.