20 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-9112
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash. CVE-2017-9112 Note that Nessus relies on...
RHEL 6 : openexr (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - OpenEXR: Heap-buffer-overflow in Imf25::copyIntoFrameBuffer CVE-2021-23169 - OpenEXR: Heap Overflow in...
cv-depot (>=0.4.2 <=0.12.0), flatiron (>=0.20.1 <=0.26.0) +5 more potentially affected by CVE-2017-9112 via openexr (>=1.3.2 <=1.3.9)
openexr PYPI version =1.3.2, =0.4.2, =0.20.1, =0.4.0, =1.5.0, =1.6.2, =1.6.5 Source cves: CVE-2017-9112 Source advisory: OSV:GHSA-8M57-J273-2QG9...
SUSE: Security Advisory (SUSE-SU-2019:1962-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for OpenEXR (EulerOS-SA-2020-1416)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS : OpenEXR vulnerabilities (USN-4148-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4148-1 advisory. It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image...
USN-4148-1: OpenEXR vulnerabilities
It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2017-12596...
SUSE SLED12 / SLES12 Security Update : openexr (SUSE-SU-2019:1962-1)
This update for openexr fixes the following issues : Security issue fixed : CVE-2017-9111: Fixed an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h bsc1040109. CVE-2017-9113: Fixed an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp...
Fedora 26 : mingw-OpenEXR (2018-f5d2f4ec0d)
This update fixes the following vulnerabilities: CVE-2017-9110 CVE-2017-9111 CVE-2017-9112 CVE-2017-9113 CVE-2017-9114 CVE-2017-9115 CVE-2017-9116 CVE-2017-12596 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenabl...
Fedora 27 : mingw-OpenEXR (2018-b152c791cc)
This update fixes the following vulnerabilities: CVE-2017-9110 CVE-2017-9111 CVE-2017-9112 CVE-2017-9113 CVE-2017-9114 CVE-2017-9115 CVE-2017-9116 CVE-2017-12596 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenabl...
Fedora Update for mingw-OpenEXR FEDORA-2018-f5d2f4ec0d
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2018-0032 Updated OpenEXR packages fix security vulnerability
In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash CVE-2017-9110. In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash CVE-2017-9112. In OpenEXR 2.2.0, an invali...
Updated OpenEXR packages fix security vulnerability
In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash CVE-2017-9110. In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash CVE-2017-9112. In OpenEXR 2.2.0, an invali...
[slackware-security] openexr
New openexr packages are available for Slackware 14.2 and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/openexr-2.2.0-i586-2slack14.2.txz: Rebuilt. Patched bugs that may lead to program crashes or possibly execution of arbitrary code...
CVE-2017-9112
In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash...
UBUNTU-CVE-2017-9112
In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash...
CVE-2017-9112
OpenEXR 2.2.0 is affected by CVE-2017-9112 due to an invalid read of size 1 in the getBits function (ImfHuf.cpp), which could cause a crash. The vulnerability details are documented across multiple sources (OpenEXR issue/PR references and Debian/Ubuntu advisories). A fix is available in OpenEXR 2...
CVE-2017-9112
In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash...
CVE-2017-9112
In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash...
OpenEXR -- multiple remote code execution and denial of service vulnerabilities
Brandon Perry reports: There is a zip file of EXR images that cause segmentation faults in the OpenEXR library tested against 2.2.0. CVE-2017-9110 In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash. CVE-2017-9111 In OpenEXR...