CVE-2017-2812

Summary

A code execution vulnerability exists in the kdu_buffered_expand function of the Kakadu SDK 7.9. A specially crafted JPEG 2000 file can be read by the program and can lead to an out of bounds write causing an exploitable condition to arise.

Affected Software

VendorProductVersion RangeStatus
Kakadu SoftwareKakadu SDK7.9 - OSX & Linuxaffected

Weaknesses

  • remote code execution

ADP Enrichment

CVE Program Container

Additional References

References