12 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-9116
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function in ImfZip.cpp could cause the application to crash. CVE-2017-9116 Note that Nessus relies...
RHEL 6 : openexr (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - OpenEXR: Heap-buffer-overflow in Imf25::copyIntoFrameBuffer CVE-2021-23169 - OpenEXR: Heap Overflow in...
Huawei EulerOS: Security Advisory for OpenEXR (EulerOS-SA-2020-1416)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS : OpenEXR vulnerabilities (USN-4148-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4148-1 advisory. It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image...
Fedora 27 : mingw-OpenEXR (2018-b152c791cc)
This update fixes the following vulnerabilities: CVE-2017-9110 CVE-2017-9111 CVE-2017-9112 CVE-2017-9113 CVE-2017-9114 CVE-2017-9115 CVE-2017-9116 CVE-2017-12596 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenabl...
Fedora 26 : mingw-OpenEXR (2018-f5d2f4ec0d)
This update fixes the following vulnerabilities: CVE-2017-9110 CVE-2017-9111 CVE-2017-9112 CVE-2017-9113 CVE-2017-9114 CVE-2017-9115 CVE-2017-9116 CVE-2017-12596 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenabl...
Fedora Update for mingw-OpenEXR FEDORA-2018-f5d2f4ec0d
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated OpenEXR packages fix security vulnerability
In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash CVE-2017-9110. In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash CVE-2017-9112. In OpenEXR 2.2.0, an invali...
MGASA-2018-0032 Updated OpenEXR packages fix security vulnerability
In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash CVE-2017-9110. In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash CVE-2017-9112. In OpenEXR 2.2.0, an invali...
CVE-2017-9116
OpenEXR 2.2.0 contains a vulnerability CVE-2017-9116 where an invalid read of size 1 in the uncompress function (ImfZip.cpp) could trigger a crash. Several advisories confirm the issue and reference OpenEXR’s 2.2.0 family; patches and updates were released across distributions (e.g., OpenEXR 2.2....
CVE-2017-9116
In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function in ImfZip.cpp could cause the application to crash...
OpenEXR -- multiple remote code execution and denial of service vulnerabilities
Brandon Perry reports: There is a zip file of EXR images that cause segmentation faults in the OpenEXR library tested against 2.2.0. CVE-2017-9110 In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash. CVE-2017-9111 In OpenEXR...