From secunia: Description A vulnerability has been reported in OpenJPEG, which can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to an error within the "tcd_free_encode()" function (tcd.c) when decoding tile information from Gray16 TIFF images and can be exploited to corrupt heap memory. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in version 1.5.0. Other versions may also be affected. Solution Do not process files from untrusted sources(unpatched).
Correct Secunia advisory is https://secunia.com/advisories/48781.
CVE-2009-5030 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-5030): The tcd_free_encode function in tcd.c in OpenJPEG 1.3 through 1.5 allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code via crafted tile information in a Gray16 TIFF image, which causes insufficient memory to be allocated and leads to an "invalid free."
GLSA request filed.
This issue was resolved and addressed in GLSA 201310-07 at http://security.gentoo.org/glsa/glsa-201310-07.xml by GLSA coordinator Sean Amoss (ackle).
