A heap-buffer-overflow write exists in jpeg2000dec FFmpeg which allows an attacker to potentially gain remote code execution or cause denial of service via the channel definition cdef atom of JPEG2000.
Exploitability
AV:NAC:HAT:NPR:LUI:NVulnerable System
VC:NVI:HVA:HSubsequent System
SC:NSI:HSA:H7.2/CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:H/SA:HOther