CVE-2009-0246

Опубликовано: 22 янв. 2009

Источник: nvd

CVSS2: 9.3

EPSS Низкий

Описание

Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted attackers to execute arbitrary code via an invalid Radiance RGBE (aka .hdr) file.

Ссылки

http://easyhdr.com/version.php
Vendor Advisory
http://osvdb.org/51609
http://secunia.com/advisories/33468
Vendor Advisory
http://secunia.com/secunia_research/2008-61/
Vendor Advisory
http://securityreason.com/securityalert/4941
http://www.securityfocus.com/archive/1/500192/100/0/threaded
http://www.securityfocus.com/bid/33363
http://www.vupen.com/english/advisories/2009/0190
https://exchange.xforce.ibmcloud.com/vulnerabilities/48119
http://easyhdr.com/version.php
Vendor Advisory
http://osvdb.org/51609
http://secunia.com/advisories/33468
Vendor Advisory
http://secunia.com/secunia_research/2008-61/
Vendor Advisory
http://securityreason.com/securityalert/4941
http://www.securityfocus.com/archive/1/500192/100/0/threaded
http://www.securityfocus.com/bid/33363
http://www.vupen.com/english/advisories/2009/0190
https://exchange.xforce.ibmcloud.com/vulnerabilities/48119

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:easyhdr:easyhdr:1.60.2:*:pro:*:*:*:*:*

EPSS

Процентиль: 89%

0.04242

Низкий

9.3 Critical

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-39m6-f2q9-3jm9

github

почти 4 года назад