Warning! Just Opening A JPEG 2000 Image File Can Get You Hacked




Short Bytes: Security researchers at Talos have discovered zero-day vulnerability in JPEG 2000 image file format. A specially crafted JPEG 2000 file can trigger a massive read and write of adjacent heap area memory, causing a code execution possibility.

 

Azero-day flaw in the JPEG 2000 image file format has been discovered by the security experts at Cisco Talos group. The JPEG 2000 is often used to embed images in the PDF documents. This vulnerability affects the image file format parser implemented in OpenJPEG library. OpenJPEG is an open-source JPEG 2000 codec written in C language.This revelation has been made in a security advisory published by Talcos. The advisory states that the flaw could allow arbitrary code execution. This flaw was first discovered by Aleksandar Nikolic of Cisco Talos.

The security researchers have successfully tested the JPEG 2000 exploit on the OpenJPEG openjp2 2.1.1.

What makes this zero-day flaw in JPEF 2000 so scary?

In order to exploit the vulnerability, a hacker needs to trick the victim into opening custom JPEG 2000 image file. This could be done by sending an email to the victim, containing a PDF file or some other methods like Google Drive or Dropbox.

Due to an error while parsing mcc records in the jpeg2000 file, the attacker can access out of the bounds memory. It could result in a massive read and write of adjacent heap area memory. On further manipulation of heap layout, a skilled hacker can head metadata process memory corruption, leading to code execution.

The security advisory states:

The vulnerability lies in opj_j2k_read_mcc_record function in src/lib/openjp2/j2k.c file which is responsible for parsing mcc records.

Talos experts have disclosed the zero-day flaw to the vendor OpenJPEG on July 26, which was followed by a patch released on September 29.

Detailed information can be found on Talos website.

Did you find this article helpful? Don’t forget to drop your feedback in the comments section below.

Leave a Reply

Your email address will not be published. Required fields are marked *