OpenJPEG Flaw, CVSS score 7.5, = high severity category

belham2

#1 Post by belham2 »

Two days ago, wanted to spruce up one of my desktops, so went looking for some wallpapers on wallpaper sites. Found some really nice ones on a site, all in JPEG. Now the site is mota.ru. Maybe I should have hesitated, but I don't believe all are evil in this world (unlike some of my murga-posting friends here, lol), so I downloaded some. Then I started thinking yesterday, JPEG files, hmmm, notorious for empty spaces inside them: how would we ever know if any type of buffer/overflow code was hidden in these images we click on, download or both?

As if dropped from the underside of manna, of course this article pops up late last night on one of the security sites I regularly check. And, well, I really do, I just feel warm & fuzzy all over now with my new wallpapers :roll: :(


http://www.securityweek.com/openjpeg-fl ... mage-files

OpenJPEG Flaw Allows Code Execution via Malicious Image Files
By Eduard Kovacs on October 03, 2016

An update released last week for the OpenJPEG library addresses several bugs and important security issues, including a flaw that can be exploited to execute arbitrary code using specially crafted image files.

OpenJPEG is an open-source library designed for encoding and decoding JPEG2000 images, a format that is often used to embed image files inside PDF documents. OpenJPEG is used by several popular PDF readers, including PDFium, the default PDF viewer in Google Chrome.

Cisco Talos researchers discovered that OpenJPEG is plagued by an out-of-bounds heap write issue. The vulnerability allows an attacker to execute arbitrary code on the targeted user’s system if they can trick the victim into opening a specially crafted JPEG2000 image or a PDF document containing such a file.

In an attack scenario described by experts, the attacker attaches a malicious file to an email, or uploads it to a file hosting service, such as Dropbox or Google Drive, and sends the link to the victim.

“Due to an error while.............
(check the link out, short one page article)
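
An added example, not part of the post or the SecurityWeek article: the flaw described above is in JPEG2000 decoding, so this script classifies a file by its leading bytes instead of its extension and flags PDFs that declare a JPEG2000 image filter (`JPXDecode`). It does not detect malicious content, only which files would reach a JPEG2000 decoder such as OpenJPEG; the function names and sample byte strings are constructed for illustration.

```python
import re

# Signatures taken from the file-format specifications.
JPEG_SOI = b"\xff\xd8\xff"                   # baseline JPEG (typical .jpg wallpaper)
JP2_BOX = b"\x00\x00\x00\x0cjP  \r\n\x87\n"  # JPEG 2000 signature box (.jp2/.jpx)
J2K_SOC = b"\xff\x4f\xff\x51"                # raw JPEG 2000 codestream (SOC + SIZ)
# PDF names may hex-escape any character (#50 == 'P'), so decode before comparing.
PDF_NAME = re.compile(rb"/([A-Za-z0-9#]+)")


def _decode_pdf_name(raw: bytes) -> bytes:
    return re.sub(rb"#([0-9A-Fa-f]{2})",
                  lambda m: bytes([int(m.group(1), 16)]), raw)


def classify(data: bytes) -> str:
    """Say which decoder family the content belongs to, ignoring the extension."""
    if data.startswith(JP2_BOX) or data.startswith(J2K_SOC):
        return "jpeg2000"
    if data.startswith(JPEG_SOI):
        return "jpeg"
    # Readers commonly accept the PDF header anywhere in the first 1024 bytes.
    if b"%PDF-" in data[:1024]:
        names = {_decode_pdf_name(m.group(1)) for m in PDF_NAME.finditer(data)}
        return "pdf-with-jpeg2000" if b"JPXDecode" in names else "pdf"
    return "other"


# Constructed sample inputs (headers only, no real image data).
SAMPLES = {
    "wallpaper.jpg": b"\xff\xd8\xff\xe0\x00\x10JFIF\x00",
    "renamed.jpg": JP2_BOX + b"\x00\x00\x00\x14ftypjp2 ",
    "doc.pdf": b"%PDF-1.5\n1 0 obj\n<< /Subtype /Image /Filter /J#50XDecode >>\n",
    "plain.pdf": b"%PDF-1.4\n1 0 obj\n<< /Filter /FlateDecode >>\n",
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(f"{name}: {classify(blob)}")
```

A raw byte scan misses filter names stored inside compressed PDF object streams, so a "pdf" result is not proof that no JPEG2000 image is embedded.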
