OpenJPEG 1.3 and earlier allows remote attackers to cause a denial of service (memory consumption or crash) via unspecified vectors related to NULL pointer dereferences, division-by-zero, and other errors.
http://www.securityfocus.com/bid/64142
http://www.debian.org/security/2013/dsa-2808
http://seclists.org/oss-sec/2013/q4/412