Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-1000450

Опубликовано: 26 сент. 2017
Источник: redhat
CVSS3: 7

Описание

In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier.

Отчет

Red Hat Product Security has rated this issue as having Moderate security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/. Red Hat Enterprise Linux 6 is now in Production 3 Phase of the support and maintenance life cycle. This has been rated as having Moderate security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6opencvWill not fix
Red Hat Enterprise Linux 7opencvWill not fix
Red Hat Enterprise Linux 8opencvNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-787
https://bugzilla.redhat.com/show_bug.cgi?id=1531610opencv: out of bounds write in functions FillUniColor and FillUniGray in opencv/modules/imgcodecs/src/utils.cpp

7 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-1000450

CVSS3: 8.8
ubuntu
около 8 лет назад

In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier.

nvd логотип

CVE-2017-1000450

CVSS3: 8.8
nvd
около 8 лет назад

In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier.

debian логотип

CVE-2017-1000450

CVSS3: 8.8
debian
около 8 лет назад

In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and ...

github логотип

GHSA-m43c-649m-pm48

CVSS3: 8.8
github
больше 4 лет назад

Integer Overflow or Wraparound in OpenCV.

fstec логотип

BDU:2024-07599

CVSS3: 8.8
fstec
больше 8 лет назад

Уязвимость компонента utils.cpp библиотеки алгоритмов компьютерного зрения, обработки изображений и численных алгоритмов общего назначения Open Source Computer Vision Library (OpenCV), позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании

7 High

CVSS3