Summary
| Detail | |||
|---|---|---|---|
| Vendor | Openexr | First view | 2009-07-31 |
| Product | Openexr | Last view | 2022-03-25 |
| Version | 1.2.2 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:openexr:openexr | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.5 | 2022-03-25 | CVE-2021-3933 | An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t < 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLine value, which could lead to problems with application stability or lead to other attack paths. |
| 7.5 | 2022-03-16 | CVE-2021-20299 | A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability. |
| 6.1 | 2022-03-04 | CVE-2021-20303 | A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, leading to an out-of-bounds write on the heap. The greatest impact of this flaw is to application availability, with some potential impact to data integrity as well. |
| 5.5 | 2022-03-04 | CVE-2021-20302 | A flaw was found in OpenEXR's TiledInputFile functionality. This flaw allows an attacker who can submit a crafted single-part non-image to be processed by OpenEXR, to trigger a floating-point exception error. The highest threat from this vulnerability is to system availability. |
| 5.5 | 2022-03-04 | CVE-2021-20300 | A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a crafted file that is processed by OpenEXR, to trigger an integer overflow. The highest threat from this vulnerability is to system availability. |
| 5.5 | 2022-01-01 | CVE-2021-45942 | OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable. |
| 5.5 | 2021-08-25 | CVE-2021-3605 | There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability. |
| 5.5 | 2021-07-06 | CVE-2021-3598 | There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability. |
| 5.5 | 2021-06-08 | CVE-2021-26945 | An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR. |
| 5.5 | 2021-06-08 | CVE-2021-26260 | An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR. This is a different flaw from CVE-2021-23215. |
| 5.5 | 2021-06-08 | CVE-2021-23215 | An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR. |
| 8.8 | 2021-06-08 | CVE-2021-23169 | A heap-buffer overflow was found in the copyIntoFrameBuffer function of OpenEXR in versions before 3.0.1. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled against OpenEXR. |
| 5.3 | 2021-04-01 | CVE-2021-20296 | A flaw was found in OpenEXR in versions before 3.0.0-beta. A crafted input file supplied by an attacker, that is processed by the Dwa decompression functionality of OpenEXR's IlmImf library, could cause a NULL pointer dereference. The highest threat from this vulnerability is to system availability. |
| 5.5 | 2021-03-31 | CVE-2021-3479 | There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability. |
| 5.5 | 2021-03-31 | CVE-2021-3478 | There's a flaw in OpenEXR's scanline input file functionality in versions before 3.0.0-beta. An attacker able to submit a crafted file to be processed by OpenEXR could consume excessive system memory. The greatest impact of this flaw is to system availability. |
| 5.5 | 2021-03-31 | CVE-2021-3477 | There's a flaw in OpenEXR's deep tile sample size calculations in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, subsequently leading to an out-of-bounds read. The greatest risk of this flaw is to application availability. |
| 5.3 | 2021-03-30 | CVE-2021-3476 | A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability. |
| 5.3 | 2021-03-30 | CVE-2021-3475 | There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability. |
| 5.3 | 2021-03-30 | CVE-2021-3474 | There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with application availability. |
| 5.5 | 2020-06-26 | CVE-2020-15306 | An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp. |
| 5.5 | 2020-06-26 | CVE-2020-15305 | An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp. |
| 5.5 | 2020-06-26 | CVE-2020-15304 | An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile() in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference. |
| 5.5 | 2020-04-14 | CVE-2020-11765 | An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read. |
| 5.5 | 2020-04-14 | CVE-2020-11764 | An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp. |
| 5.5 | 2020-04-14 | CVE-2020-11763 | An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 23% (9) | CWE-125 | Out-of-bounds Read |
| 21% (8) | CWE-190 | Integer Overflow or Wraparound |
| 15% (6) | CWE-787 | Out-of-bounds Write |
| 13% (5) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 7% (3) | CWE-476 | NULL Pointer Dereference |
| 5% (2) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 2% (1) | CWE-416 | Use After Free |
| 2% (1) | CWE-193 | Off-by-one Error |
| 2% (1) | CWE-191 | Integer Underflow (Wrap or Wraparound) |
| 2% (1) | CWE-189 | Numeric Errors |
| 2% (1) | CWE-16 | Configuration |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 56709 | OpenEXR Compression Implementation Unspecified Overflow |
| 56708 | OpenEXR Imf::hufUncompress Function Decompression Implementation Uninitialize... |
| 56707 | OpenEXR Imf::PreviewImage::PreviewImage Function Overflow |
OpenVAS Exploits
| id | Description |
|---|---|
| 2010-05-12 | Name : Mac OS X 10.5.8 Update / Mac OS X Security Update 2009-003 File : nvt/macosx_upd_10_5_8_secupd_2009-003.nasl |
| 2009-12-14 | Name : Mandriva Security Advisory MDVSA-2009:191-1 (OpenEXR) File : nvt/mdksa_2009_191_1.nasl |
| 2009-10-13 | Name : SLES10: Security update for OpenEXR File : nvt/sles10_OpenEXR.nasl |
| 2009-10-11 | Name : SLES11: Security update for OpenEXR File : nvt/sles11_OpenEXR.nasl |
| 2009-09-15 | Name : Ubuntu USN-831-1 (openexr) File : nvt/ubuntu_831_1.nasl |
| 2009-09-09 | Name : SuSE Security Summary SUSE-SR:2009:014 File : nvt/suse_sr_2009_014.nasl |
| 2009-08-17 | Name : Fedora Core 11 FEDORA-2009-8132 (OpenEXR) File : nvt/fcore_2009_8132.nasl |
| 2009-08-17 | Name : Fedora Core 10 FEDORA-2009-8136 (OpenEXR) File : nvt/fcore_2009_8136.nasl |
| 2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:190 (OpenEXR) File : nvt/mdksa_2009_190.nasl |
| 2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:191 (OpenEXR) File : nvt/mdksa_2009_191.nasl |
| 2009-07-29 | Name : Debian Security Advisory DSA 1842-1 (openexr) File : nvt/deb_1842_1.nasl |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2013-12-09 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201312-07.nasl - Type: ACT_GATHER_INFO |
| 2010-02-24 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-1842.nasl - Type: ACT_GATHER_INFO |
| 2009-12-09 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2009-191.nasl - Type: ACT_GATHER_INFO |
| 2009-10-06 | Name: The remote openSUSE host is missing a security update. File: suse_OpenEXR-6393.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The remote SuSE 11 host is missing one or more security updates. File: suse_11_OpenEXR-090804.nasl - Type: ACT_GATHER_INFO |
| 2009-09-24 | Name: The remote SuSE 10 host is missing a security-related patch. File: suse_OpenEXR-6392.nasl - Type: ACT_GATHER_INFO |
| 2009-09-15 | Name: The remote Ubuntu host is missing one or more security-related patches. File: ubuntu_USN-831-1.nasl - Type: ACT_GATHER_INFO |
| 2009-09-02 | Name: The remote openSUSE host is missing a security update. File: suse_11_0_OpenEXR-090804.nasl - Type: ACT_GATHER_INFO |
| 2009-09-02 | Name: The remote openSUSE host is missing a security update. File: suse_11_1_OpenEXR-090804.nasl - Type: ACT_GATHER_INFO |
| 2009-08-05 | Name: The remote host is missing a Mac OS X update that fixes various security issues. File: macosx_10_5_8.nasl - Type: ACT_GATHER_INFO |
| 2009-08-05 | Name: The remote host is missing a Mac OS X update that fixes various security issues. File: macosx_SecUpd2009-003.nasl - Type: ACT_GATHER_INFO |
| 2009-08-03 | Name: The remote Mandriva Linux host is missing one or more security updates. File: mandriva_MDVSA-2009-190.nasl - Type: ACT_GATHER_INFO |
| 2009-08-01 | Name: The remote Fedora host is missing a security update. File: fedora_2009-8132.nasl - Type: ACT_GATHER_INFO |
| 2009-08-01 | Name: The remote Fedora host is missing a security update. File: fedora_2009-8136.nasl - Type: ACT_GATHER_INFO |
