In this document, Google's Cloud Vulnerability Research team (CVR) presents vulnerabilities in a third-party JPEG 2000 image library called Kakadu. Exploiting memory corruption vulnerabilities typically requires knowledge about the target environment; however, CVR outlines how to overcome these challenges with a technique called 'Conditional Corruption,' achieving remote code execution impact.

In this document, Google's Cloud Vulnerability Research team (CVR) presents vulnerabilities in a third-party JPEG 2000 image library called Kakadu. Exploiting memory corruption vulnerabilities typically requires knowledge about the target environment; however, CVR outlines how to overcome these challenges with a technique called 'Conditional Corruption,' achieving remote code execution impact.