Описание
In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | released | 3.2.0+dfsg-4ubuntu0.1 |
| devel | released | 3.2.0+dfsg-4.1ubuntu0.1 |
| esm-apps/bionic | released | 3.2.0+dfsg-4ubuntu0.1 |
| esm-apps/xenial | released | 2.4.9.1+dfsg-1.5ubuntu1.1 |
| esm-infra-legacy/trusty | released | 2.4.8+dfsg1-2ubuntu1.1 |
| precise/esm | DNE | |
| trusty | released | 2.4.8+dfsg1-2ubuntu1.1 |
| trusty/esm | released | 2.4.8+dfsg1-2ubuntu1.1 |
| upstream | released | 2.4.9.1+dfsg-1+deb8u2, 2.3.1-11+deb7u2 |
Показывать по
6.8 Medium
CVSS2
8.8 High
CVSS3
Связанные уязвимости
In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier.
In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::readData has an integer overflow when calculate src_pitch. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier.
In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function PxMDecoder::re ...
Уязвимость компонента opencv/modules/imgcodecs/src/grfmt_pxm.cpp библиотеки алгоритмов компьютерного зрения, обработки изображений и численных алгоритмов общего назначения Open Source Computer Vision Library (OpenCV), позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании
6.8 Medium
CVSS2
8.8 High
CVSS3