A serious zero-day flaw affecting the JPEG 2000 image file format parser implemented in the OpenJPEG library was discovered by the Cisco Talos Security Team.
The vulnerability (TALOS-2016-0193/CVE-2016-8332) allows an attacker who exploits it to trigger heap corruption and execute arbitrary code on the targeted PC.
“This particular vulnerability could allow an out-of-bound heap write to occur, resulting in heap corruption and lead to arbitrary code execution. Talos has disclosed this vulnerability responsibly to the library maintainers to ensure a patch is available.” – states the security advisory published by Talos.
The security experts tested the JPEG 2000 image exploit against OpenJPEG openjp2 2.1.1 and notified the maintainers of the library about the bug to make sure a patch will be released.
As the JPEG 2000 file format is widely used, especially for embedding images inside PDF documents, this vulnerability could cause a lot of damage.
To exploit this flaw, the attacker has to fool the victims into opening a malicious file that contains a specially crafted JPEG 2000 image which triggers the bug.
The attackers could either send the targets an email with a PDF document containing the malicious image, or store the image on a cloud storage service such as Google Drive or Dropbox and then send the victims a link to the picture.
Moreover, to help defenders detect attempts to exploit the vulnerability, Cisco Talos released Snort Rules (40314-40315). As these rules are subject to change pending additional vulnerability information, the company said that additional rules may be released in the future.
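As an added illustration of the detection angle in the last two paragraphs (example code written for this page, not Talos's Snort rules or OpenJPEG code), the following Python triage script flags files that carry JPEG 2000 content, whether a raw .jp2/.j2k file or a PDF whose image streams use the /JPXDecode filter, so they can be held for closer scanning until a patched OpenJPEG build is deployed; the sample bytes are constructed.

```python
"""Triage helper: flag files that carry JPEG 2000 content (raw .jp2/.j2k
or a PDF with a /JPXDecode image stream) so they can be quarantined for
scanning until an OpenJPEG build fixed for CVE-2016-8332 is in place.
Added example, not Talos's advisory code; the sample bytes are constructed."""
import re

# JP2 files open with a 12-byte signature box; raw J2K codestreams open
# with the SOC (FF4F) marker immediately followed by SIZ (FF51).
JP2_SIGNATURE = b"\x00\x00\x00\x0cjP  \r\n\x87\n"
J2K_SOC_SIZ = b"\xff\x4f\xff\x51"
# PDF image XObjects encoded as JPEG 2000 use the JPXDecode filter,
# either alone or inside a filter array such as [/FlateDecode /JPXDecode].
JPX_FILTER = re.compile(rb"/Filter\s*(?:\[[^\]]*)?/JPXDecode\b")


def is_jp2(data: bytes) -> bool:
    return data.startswith(JP2_SIGNATURE)


def is_j2k_codestream(data: bytes) -> bool:
    return data.startswith(J2K_SOC_SIZ)


def pdf_jpx_streams(data: bytes) -> int:
    """Count image stream dictionaries a PDF hands to a JPEG 2000 decoder."""
    if not data.startswith(b"%PDF-"):
        return 0
    return len(JPX_FILTER.findall(data))


def classify(data: bytes) -> str:
    """Return 'jp2', 'j2k', 'pdf+jpx' or 'other' for a file's contents."""
    if is_jp2(data):
        return "jp2"
    if is_j2k_codestream(data):
        return "j2k"
    if pdf_jpx_streams(data) > 0:
        return "pdf+jpx"
    return "other"


# Constructed samples: a minimal PDF with one JPX image object, and a JP2 header.
SAMPLE_PDF = (b"%PDF-1.5\n4 0 obj\n<< /Type /XObject /Subtype /Image "
              b"/Width 8 /Height 8 /Filter /JPXDecode /Length 0 >>\nstream\n"
              b"endstream\nendobj\n")
SAMPLE_JP2 = JP2_SIGNATURE + b"\x00\x00\x00\x14ftypjp2 "

if __name__ == "__main__":
    for name, blob in [("sample.pdf", SAMPLE_PDF), ("sample.jp2", SAMPLE_JP2)]:
        print(name, classify(blob))
```

Image dictionaries stored inside compressed object streams are invisible to this plain byte scan, so treat it as a first-pass filter in front of a full PDF parser rather than a complete check.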