Описание
An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.2.0-11.1ubuntu1.2 |
| devel | released | 2.3.0-6ubuntu0.1 |
| eoan | released | 2.2.1-4.1ubuntu1.1 |
| esm-apps/focal | released | 2.3.0-6ubuntu0.1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | released | 2.2.0-11.1ubuntu1.2 |
| esm-infra/xenial | released | 2.2.0-10ubuntu2.2 |
| focal | released | 2.3.0-6ubuntu0.1 |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
Показывать по
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer.
An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer.
An issue was discovered in OpenEXR before 2.4.1. Because of integer ov ...
An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer.
Уязвимость функции readSampleCountForLineBlock программного обеспечения для хранения изображений с широкими динамическими диапазоном яркости OpenEXR, связанная с целочисленным переполнением, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
4.3 Medium
CVSS2
5.5 Medium
CVSS3