GoogleOSV:GHSA-99JG-R3F4-RPXJmemory overflow vulnerability in OpenEXR-viewer
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
37.6%
Just open this exr file through openexr-viewer.
( poc send by email )
This is windbg log file.
[ POC 2 ]
(8660.7e44): Access violation - code c0000005 (!!! second chance !!!)
openexr_viewer+0x27be4:
00007ff713ff7be4 c744880c0000803f mov dword ptr [rax+rcx*4+0Ch],3F800000h ds:0000020a3ac8000c=???
Attempt to write the value 1.0 to the memory address 0x20A3AC8000C
[ POC 1 ]
(1404.9264): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
openexr_viewer+0x27be4:
00007ff713ff7be4 c744880c0000803f mov dword ptr [rax+rcx*4+0Ch],3F800000h ds:0000029cb371600c=???
Attempt to write the value 1.0 to the memory address 0x29CB371600C
Credits
Team : ZeroPointer
ģ“ėķā( Lee Dong Ha of ZeroPointer Lab )
ģ ģ§ėƼ Ā Ā Ā ( Jeong Jimin of ZeroPointer Lab )
ė°ģ°ģ§Ā Ā Ā ( Park Woojin of ZeroPointer Lab )
ģ ģ°ģ§Ā Ā Ā ( Jeon Woojin of ZeroPointer Lab )
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.2 High
AI Score
Confidence
Low
0.001 Low
EPSS
Percentile
37.6%