OpenJPEG Bug Helping Attackers Conduct Remote Code Execution

Researchers at Cisco Talos have discovered a dangerous zero-day vulnerability in the OpenJPEG JPEG 2000 codec. The flaw can allow attackers to conduct remote code execution on systems.

OpenJPEG is a JPEG 2000 codec, which is programmed in C language while the software particularly was developed to popularize JPEG 2000. The JPEG 2000 is an image compression standard, which is commonly used for a variety of tasks such image embedding in PDF files. Software like Pdfium, Poppler and MuPDF are used for this purpose.

The revelation was made by Cisco researchers on Friday. They further revealed that the zero-day vulnerability is identified in the JPEG 2000 image file format parser, which is implemented in the OpenJPEG library. This flaw has been given the code name CVE-2016-8332, with a CVSS score of 7.5 and it is being regarded as an out-of-bounds vulnerability. This means, this vulnerability can heap write to occur, which can result in arbitrary code execution and heap exploitation.

The cause behind this flaw is an error in parsing MCC records stored in the JPEG 2000 file. This leads to an erroneous “read and write of adjacent heap area memory.” Cisco Talos’ Aleksander Nikolic discovered this vulnerability in the version 2.1.1 of OpenJPEG.

If this flaw is exploited, it would lead to heap metadata process memory corruption. This vulnerability can be used by attackers only if the user of the computer opens any malicious, specially designed JPEG 2000 images. Such content is often distributed via phish emails and even hosted on authentic platforms like Dropbox and Google Drive. As soon as the malicious images enter the system, it creates the path for attackers for conducting remote execution of the code.

More technical details and Talos vulnerability report is available here.

Via: ZDNet

Source: Talos Blog

Related Posts