Skip to main content

By opening jpeg 2000 image file you can get hacked

: Security researchers at Talos have discovered zero-day vulnerability in JPEG 2000 image file format. A specially crafted JPEG 2000 file can trigger a massive read and write of adjacent heap area memory, causing a code execution possibility.

Azero-day flaw in the JPEG 2000 image file format has been discovered by the security experts at Cisco Talos group. The JPEG 2000 is often used to embed images in the PDF documents. This vulnerability affects the image file format parser implemented in OpenJPEG library. OpenJPEG is an open-source JPEG 2000 codec written in C language.

This revelation has been made in a security advisory published by Talcos. The advisory states that the flaw could allow arbitrary code execution. This flaw was first discovered by Aleksandar Nikolic of Cisco Talos.

The security researchers have successfully tested the JPEG 2000 exploit on the OpenJPEG openjp2 2.1.1.

What makes this zero-day flaw in JPEF 2000 so scary?

In order to exploit the vulnerability, a hacker needs to trick the victim into opening custom JPEG 2000 image file. This could be done by sending an email to the victim, containing a PDF file or some other methods like Google Drive or Dropbox.

Due to an error while parsing mcc records in the jpeg2000 file, the attacker can access out of the bounds memory. It could result in a massive read and write of adjacent heap area memory. On further manipulation of heap layout, a skilled hacker can head metadata process memory corruption, leading to code execution.

The security advisory states:

The vulnerability lies in opj_j2k_read_mcc_record function in src/lib/openjp2/j2k.c file which is responsible for parsing mcc records.

Talos experts have disclosed the zero-day flaw to the vendor OpenJPEG on July 26, which was followed by a patch released on September 29.

Detailed information can be found on Talos website.

Did you find this article helpful? Don’t forget to drop your feedback in the comments section below.

Comments

Popular posts from this blog

So what exactly is cryptography

Nowadays Internet is an important part of Life.  We are using the Internet for sending confidential data also like password,for storing army secrets. But the Internet is insecure medium.we all use internet at a daily basis.  Do you know why? Insecure Medium: Imagine you are sending a data.  In internet world, data are separated as packets and send to the destination.  Do you think the data directly reaching the destination?   If  you think so,you are wrong.  The packets are going through different routers.  Finally, the data is sent to the user.  In this gap, Intruders(i mean attackers) takes advantages. so who are they .the are  I.they  can see what you are sending.  Because your data are simple and easy to readable by anyone. How to secure the data? We can not stop the intruders and their activities.  But we can make our data as Unreadable for Intruders.  For this purpose, the Cryptography is introduce...

Lunix malware havoc

The Krebs DDoS attacks have proven that the IoT landscape is a fertile ground that can breed huge botnets capable of launching massive DDoS assaults. As such, it should be no surprise that malware authors are now focusing their efforts on this sector and putting out new threats in the hopes of building the next Mirai botnet. One of the latest additions to the IoT malware market is a trojan codenamed Linux/NyaDrop, recently reverse engineered by MalwareMustDie, the same researcher who discovered the Mirai malware. MalwareMustDie points out in his research that this binary appeared in May, but was somewhat simplistic and not that common. Things changed after the Krebs DDoS attacks, and a new sample has appeared on the market, with the malware’s author most likely drawn back to the IoT landscape by Mirai’s success. Just like most IoT malware nowadays, NyaDrop’s author relies on brute-forcing Internet-exposed IoT devices using their default credentials. In a conversati...

Remove virus from android

Desktops aren’t the only gadgets that can be affected by a virus. Android devices have a malware problem and it’s growing every day. If you do get a virus, you could perform a factory reset to get rid of it, but that means you’d lose all your data — those photos you shot, the saved games, the text messages, and everything else. Obviously, you want a factory reset to be your last option. So what can you do to remove a virus from Android without a factory reset? Is It Really a Virus? If your phone isn’t functioning the way it should be, there’s a chance you have some malware on it. One wrong tap somewhere and a malicious file might have been downloaded on your phone, which is leeching battery life, Internet resources, or your personal data. But it could be something else. Suppose your Android refuses to boot or crashes every time it starts up. Or maybe you can’t seem to download apps from the Play Store. These are not necessarily caused...