This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of JPEG 2000 parser. A malformed JPEG 2000 input image leads to flawed computation that involves pointer offset arithmetic which does not adequately account for the buffer boundaries. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure. |