A code execution vulnerability exists in the OpenImageIO IFFOutput::close() function, which is an image read/write library that also provides tools and applications. An attacker can use this vulnerability to cause a heap buffer overflow via a specially crafted ImageOutput object (when the “xmax” variable is set to 0xFFFF and “m_spec.format” is “typeDesc::UINT8”).
CPE | Name | Operator | Version |
---|---|---|---|
openimageio openimageio 2. | eq | 4.4.2 |