This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Openexr First view 2009-07-31
Product Openexr Last view 2022-03-25
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:openexr:openexr:2.2.0:*:*:*:*:*:*:* 39
cpe:2.3:a:openexr:openexr:1.2.2:*:*:*:*:*:*:* 33
cpe:2.3:a:openexr:openexr:2.3.0:*:*:*:*:*:*:* 33
cpe:2.3:a:openexr:openexr:1.6.1:*:*:*:*:*:*:* 32
cpe:2.3:a:openexr:openexr:*:*:*:*:*:*:*:* 30
cpe:2.3:a:openexr:openexr:3.1.2:*:*:*:*:*:*:* 2

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
6.5 2022-03-25 CVE-2021-3941

In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. A specially crafted file could trigger a divide-by-zero condition which could affect the availability of programs linked with OpenEXR.

5.5 2022-03-25 CVE-2021-3933

An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t < 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLine value, which could lead to problems with application stability or lead to other attack paths.

7.5 2022-03-16 CVE-2021-20299

A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability.

6.1 2022-03-04 CVE-2021-20303

A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, leading to an out-of-bounds write on the heap. The greatest impact of this flaw is to application availability, with some potential impact to data integrity as well.

5.5 2022-03-04 CVE-2021-20302

A flaw was found in OpenEXR's TiledInputFile functionality. This flaw allows an attacker who can submit a crafted single-part non-image to be processed by OpenEXR, to trigger a floating-point exception error. The highest threat from this vulnerability is to system availability.

5.5 2022-03-04 CVE-2021-20300

A flaw was found in OpenEXR's hufUncompress functionality in OpenEXR/IlmImf/ImfHuf.cpp. This flaw allows an attacker who can submit a crafted file that is processed by OpenEXR, to trigger an integer overflow. The highest threat from this vulnerability is to system availability.

5.5 2022-01-01 CVE-2021-45942

OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.

5.5 2021-08-25 CVE-2021-3605

There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.

5.5 2021-07-06 CVE-2021-3598

There's a flaw in OpenEXR's ImfDeepScanLineInputFile functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.

5.5 2021-06-08 CVE-2021-26945

An integer overflow leading to a heap-buffer overflow was found in OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.

5.5 2021-06-08 CVE-2021-26260

An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR. This is a different flaw from CVE-2021-23215.

5.5 2021-06-08 CVE-2021-23215

An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.

8.8 2021-06-08 CVE-2021-23169

A heap-buffer overflow was found in the copyIntoFrameBuffer function of OpenEXR in versions before 3.0.1. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled against OpenEXR.

5.3 2021-04-01 CVE-2021-20296

A flaw was found in OpenEXR in versions before 3.0.0-beta. A crafted input file supplied by an attacker, that is processed by the Dwa decompression functionality of OpenEXR's IlmImf library, could cause a NULL pointer dereference. The highest threat from this vulnerability is to system availability.

5.5 2021-03-31 CVE-2021-3479

There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability.

5.5 2021-03-31 CVE-2021-3478

There's a flaw in OpenEXR's scanline input file functionality in versions before 3.0.0-beta. An attacker able to submit a crafted file to be processed by OpenEXR could consume excessive system memory. The greatest impact of this flaw is to system availability.

5.5 2021-03-31 CVE-2021-3477

There's a flaw in OpenEXR's deep tile sample size calculations in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, subsequently leading to an out-of-bounds read. The greatest risk of this flaw is to application availability.

5.3 2021-03-30 CVE-2021-3476

A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability.

5.3 2021-03-30 CVE-2021-3475

There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability.

5.3 2021-03-30 CVE-2021-3474

There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with application availability.

5.5 2020-12-09 CVE-2020-16589

A head-based buffer overflow exists in Academy Software Foundation OpenEXR 2.3.0 in writeTileData in ImfTiledOutputFile.cpp that can cause a denial of service via a crafted EXR file.

5.5 2020-12-09 CVE-2020-16588

A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file.

5.5 2020-12-09 CVE-2020-16587

A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file.

5.5 2020-06-26 CVE-2020-15306

An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp.

5.5 2020-06-26 CVE-2020-15305

An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.

CWE : Common Weakness Enumeration

%idName
22% (10) CWE-125 Out-of-bounds Read
18% (8) CWE-787 Out-of-bounds Write
18% (8) CWE-190 Integer Overflow or Wraparound
13% (6) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
9% (4) CWE-476 NULL Pointer Dereference
4% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
2% (1) CWE-416 Use After Free
2% (1) CWE-369 Divide By Zero
2% (1) CWE-193 Off-by-one Error
2% (1) CWE-191 Integer Underflow (Wrap or Wraparound)
2% (1) CWE-189 Numeric Errors
2% (1) CWE-16 Configuration

Oval Markup Language : Definitions

OvalID Name
oval:org.mitre.oval:def:7863 DSA-1842 openexr -- several vulnerabilities
oval:org.mitre.oval:def:13999 USN-831-1 -- openexr vulnerabilities

Open Source Vulnerability Database (OSVDB)

id Description
56709 OpenEXR Compression Implementation Unspecified Overflow
56708 OpenEXR Imf::hufUncompress Function Decompression Implementation Uninitialize...
56707 OpenEXR Imf::PreviewImage::PreviewImage Function Overflow

OpenVAS Exploits

id Description
2010-05-12 Name : Mac OS X 10.5.8 Update / Mac OS X Security Update 2009-003
File : nvt/macosx_upd_10_5_8_secupd_2009-003.nasl
2009-12-14 Name : Mandriva Security Advisory MDVSA-2009:191-1 (OpenEXR)
File : nvt/mdksa_2009_191_1.nasl
2009-10-13 Name : SLES10: Security update for OpenEXR
File : nvt/sles10_OpenEXR.nasl
2009-10-11 Name : SLES11: Security update for OpenEXR
File : nvt/sles11_OpenEXR.nasl
2009-09-15 Name : Ubuntu USN-831-1 (openexr)
File : nvt/ubuntu_831_1.nasl
2009-09-09 Name : SuSE Security Summary SUSE-SR:2009:014
File : nvt/suse_sr_2009_014.nasl
2009-08-17 Name : Fedora Core 11 FEDORA-2009-8132 (OpenEXR)
File : nvt/fcore_2009_8132.nasl
2009-08-17 Name : Fedora Core 10 FEDORA-2009-8136 (OpenEXR)
File : nvt/fcore_2009_8136.nasl
2009-08-17 Name : Mandrake Security Advisory MDVSA-2009:190 (OpenEXR)
File : nvt/mdksa_2009_190.nasl
2009-08-17 Name : Mandrake Security Advisory MDVSA-2009:191 (OpenEXR)
File : nvt/mdksa_2009_191.nasl
2009-07-29 Name : Debian Security Advisory DSA 1842-1 (openexr)
File : nvt/deb_1842_1.nasl

Nessus® Vulnerability Scanner

id Description
2018-02-28 Name: The remote Fedora host is missing a security update.
File: fedora_2018-f5d2f4ec0d.nasl - Type: ACT_GATHER_INFO
2018-02-28 Name: The remote Fedora host is missing a security update.
File: fedora_2018-b152c791cc.nasl - Type: ACT_GATHER_INFO
2017-10-02 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2017-274-01.nasl - Type: ACT_GATHER_INFO
2017-09-01 Name: The remote Debian host is missing a security update.
File: debian_DLA-1083.nasl - Type: ACT_GATHER_INFO
2017-05-26 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_803879e9419511e79b08080027ef73ec.nasl - Type: ACT_GATHER_INFO
2013-12-09 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201312-07.nasl - Type: ACT_GATHER_INFO
2010-02-24 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-1842.nasl - Type: ACT_GATHER_INFO
2009-12-09 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2009-191.nasl - Type: ACT_GATHER_INFO
2009-10-06 Name: The remote openSUSE host is missing a security update.
File: suse_OpenEXR-6393.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 11 host is missing one or more security updates.
File: suse_11_OpenEXR-090804.nasl - Type: ACT_GATHER_INFO
2009-09-24 Name: The remote SuSE 10 host is missing a security-related patch.
File: suse_OpenEXR-6392.nasl - Type: ACT_GATHER_INFO
2009-09-15 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-831-1.nasl - Type: ACT_GATHER_INFO
2009-09-02 Name: The remote openSUSE host is missing a security update.
File: suse_11_1_OpenEXR-090804.nasl - Type: ACT_GATHER_INFO
2009-09-02 Name: The remote openSUSE host is missing a security update.
File: suse_11_0_OpenEXR-090804.nasl - Type: ACT_GATHER_INFO
2009-08-05 Name: The remote host is missing a Mac OS X update that fixes various security issues.
File: macosx_SecUpd2009-003.nasl - Type: ACT_GATHER_INFO
2009-08-05 Name: The remote host is missing a Mac OS X update that fixes various security issues.
File: macosx_10_5_8.nasl - Type: ACT_GATHER_INFO
2009-08-03 Name: The remote Mandriva Linux host is missing one or more security updates.
File: mandriva_MDVSA-2009-190.nasl - Type: ACT_GATHER_INFO
2009-08-01 Name: The remote Fedora host is missing a security update.
File: fedora_2009-8136.nasl - Type: ACT_GATHER_INFO
2009-08-01 Name: The remote Fedora host is missing a security update.
File: fedora_2009-8132.nasl - Type: ACT_GATHER_INFO