An out-of-bounds write vulnerability has been discovered in OpenJPEG. The vulnerability is due to a lack of validation on the index values of MCC markers when parsing maliciously crafted JPEG2000 image files. A remote attacker could exploit this vulnerability by enticing a user to open a malicious JPEG file with a vulnerable application. Successful exploitation would result in execution of arbitrary attacker code in the security context of the target user.