2 matches found
Denial Of Service
OpenEXR is vulnerable to denial of service. The vulnerability exists in MultiPartInputFile::Data::chunkOffsetReconstruction function of ImfMultiPartInputFile.cpp because of incorrectly testing for a part number which allows an attacker to cause a head-based buffer overflow via a malicious EXR fil...
CVE-2020-16587
A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file...