HTTP: OpenJPEG JPEG2000 Image Processing Out-of-Bounds Write
This signature detects attempts to exploit a known vulnerability in OpenJPEG. Successful exploitation would result in execution of arbitrary attacker code in the security context of the target user.
Extended Description
A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. An exploitable code execution vulnerability exists in the jpeg2000 image file format parser as implemented in the OpenJpeg library. A specially crafted jpeg2000 file can cause an out of bound heap write resulting in heap corruption leading to arbitrary code execution. For a successful attack, the target user needs to open a malicious jpeg2000 file. The jpeg2000 image file format is mostly used for embedding images inside PDF documents and the OpenJpeg library is used by a number of popular PDF renderers making PDF documents a likely attack vector.
Affected Products
Uclouvain openjpeg
References
CVE: CVE-2016-8332
Short Name
HTTP:STC:DL:OPENJPEG-IMG-OOB
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2016-8332 Image JPEG2000 OpenJPEG Out-of-Bounds Processing Write
Release Date
11/15/2016
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3716
False Positive
Unknown
Vendors
Uclouvain
CVSS Score
6.8