OpenJPEG is vulnerable to arbitrary code execution and denial of service attacks. A remote unauthenticated attacker could cause application crash or potential code execution due to a heap-based buffer overflow flaw via a specifically crafted j2k image.