Описание
Stack-based buffer overflow in the readRadianceHeader function in (1) src/fileformat/rgbeio.cpp in pfstools 1.6.2 and (2) src/Fileformat/rgbeio.cpp in Qtpfsgui 1.8.11 allows remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Patch
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:pfstools:pfstools:1.6.2:*:*:*:*:*:*:*
cpe:2.3:a:qtpfsgui:qtpfsgui:1.8.11:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05721
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Stack-based buffer overflow in the readRadianceHeader function in (1) src/fileformat/rgbeio.cpp in pfstools 1.6.2 and (2) src/Fileformat/rgbeio.cpp in Qtpfsgui 1.8.11 allows remote attackers to execute arbitrary code via a crafted Radiance RGBE (.hdr) file.
EPSS
Процентиль: 90%
0.05721
Низкий
6.8 Medium
CVSS2
Дефекты
NVD-CWE-Other