17 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-11765
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier,...
RHEL 6 : openexr (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - OpenEXR: Heap-buffer-overflow in Imf25::copyIntoFrameBuffer CVE-2021-23169 - OpenEXR: Heap Overflow in...
GLSA-202107-27 : OpenEXR: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202107-27 OpenEXR: Multiple vulnerabilities Multiple vulnerabilities have been discovered in OpenEXR. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for detail...
SUSE: Security Advisory (SUSE-SU-2020:1293-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 4755-1] openexr security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4755-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 29, 2020 https://www.debian.org/security/faq -...
openSUSE Security Update : openexr (openSUSE-2020-682)
This update for openexr provides the following fix : Security issues fixed : - CVE-2020-11765: Fixed an off-by-one error in use of the ImfXdr.h read function by DwaCompressor:Classifier:Classifier bsc1169575. - CVE-2020-11764: Fixed an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp...
openSUSE: Security Advisory for openexr (openSUSE-SU-2020:0682-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2020:0682-1 Security update for openexr
This update for openexr provides the following fix: Security issues fixed: - CVE-2020-11765: Fixed an off-by-one error in use of the ImfXdr.h read function by DwaCompressor:Classifier:Classifier bsc1169575. - CVE-2020-11764: Fixed an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp...
SUSE SLED15 / SLES15 Security Update : openexr (SUSE-SU-2020:1293-1)
This update for openexr provides the following fix : Security issues fixed : CVE-2020-11765: Fixed an off-by-one error in use of the ImfXdr.h read function by DwaCompressor:Classifier:Classifier bsc1169575. CVE-2020-11764: Fixed an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp...
SUSE-SU-2020:1293-1 Security update for openexr
This update for openexr provides the following fix: Security issues fixed: - CVE-2020-11765: Fixed an off-by-one error in use of the ImfXdr.h read function by DwaCompressor:Classifier:Classifier bsc1169575. - CVE-2020-11764: Fixed an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp...
Fedora: Security Advisory for mingw-OpenEXR (FEDORA-2020-e244f22a51)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
MGASA-2020-0189 Updated openexr packages fix security vulnerabilities
The updated packages fix security vulnerabilities: An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read in ImfOptimizedPixelReading.h. CVE-2020-11758 An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in...
CVE-2020-11765
An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read. Mitigation Mitigation for this issue is either not available or the currently available options do not mee...
Ubuntu: Security Advisory (USN-4339-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : OpenEXR vulnerabilities (USN-4339-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4339-1 advisory. Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening ...
USN-4339-1: OpenEXR vulnerabilities
Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 20.04 LTS...
CVE-2020-11765
CVE-2020-11765 concerns OpenEXR prior to 2.4.1, where an off-by-one error in the ImfXdr.h read function used by DwaCompressor::Classifier::Classifier caused an out-of-bounds read. Public disclosures and vendor advisories (OpenEXR/OpenEXR 2.4.1 release notes; GLSA-202107-27; Debian DLA-2358-1) con...