CVE Vulnerabilities

CVE-2017-9113

Published: May 21, 2017 | Modified: Aug 30, 2020
CVSS 3.x
8.8
HIGH
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
3.3 LOW
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
Ubuntu
LOW

In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp could cause the application to crash or execute arbitrary code.

Affected Software

Name Vendor Start Version End Version
Openexr Openexr 2.2.0 (including) 2.2.0 (including)
Openexr Ubuntu artful *
Openexr Ubuntu bionic *
Openexr Ubuntu cosmic *
Openexr Ubuntu devel *
Openexr Ubuntu disco *
Openexr Ubuntu eoan *
Openexr Ubuntu focal *
Openexr Ubuntu trusty *
Openexr Ubuntu xenial *
Openexr Ubuntu zesty *

References