A code execution vulnerability exists in the IFFOutput::close() function of OpenImageIO v2.4.4.2, an image read/write library that also provides tools and applications. An attacker could use this vulnerability to cause a heap buffer overflow via a specially crafted ImageOutput object (when the “ymax” variable is set to 0xFFFF and “m_spec.format” is “typeDesc::UINT8”).
CPE | Name | Operator | Version |
---|---|---|---|
openimageio openimageio 2. | eq | 4.4.2 |