Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openexr openexr vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2009-1721
The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of an uninitialized pointer.
Openexr Openexr 1.2.2
Openexr Openexr 1.6.1
Opensuse Opensuse 11.0
Opensuse Opensuse 10.3
Opensuse Opensuse 10.0
Apple Mac Os X
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Fedoraproject Fedora 11
Fedoraproject Fedora 10
6.8
CVSSv2
CVE-2009-1722
Heap-based buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-dependent malicious users to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
Openexr Openexr 1.2.2
5.8
CVSSv2
CVE-2021-20303
A flaw found in function dataWindowForTile() of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, leading to an out-of-bounds write on the heap. The greatest impact of this flaw is to applicatio...
Openexr Openexr
Debian Debian Linux 10.0
5
CVSSv2
CVE-2021-20296
A flaw was found in OpenEXR in versions prior to 3.0.0-beta. A crafted input file supplied by an attacker, that is processed by the Dwa decompression functionality of OpenEXR's IlmImf library, could cause a NULL pointer dereference. The highest threat from this vulnerability...
Openexr Openexr
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5
CVSSv2
CVE-2021-3474
There's a flaw in OpenEXR in versions prior to 3.0.0-beta. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with application availability.
Openexr Openexr
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5
CVSSv2
CVE-2021-3476
A flaw was found in OpenEXR's B44 uncompression functionality in versions prior to 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability.
Openexr Openexr
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5
CVSSv2
CVE-2021-3475
There is a flaw in OpenEXR in versions prior to 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability.
Openexr Openexr
Debian Debian Linux 9.0
Debian Debian Linux 10.0
5
CVSSv2
CVE-2006-2277
Multiple Apple Mac OS X 10.4 applications might allow context-dependent malicious users to cause a denial of service (application crash) via a crafted OpenEXR (.exr) image file, which triggers the crash when opening a folder using Finder, displaying the image in Safari, or using ...
Apple Mac Os X 10.4.4
Apple Mac Os X 10.4.5
Apple Mac Os X 10.4.1
Apple Mac Os X 10.4.2
Apple Mac Os X 10.4.3
Apple Mac Os X 10.4.6
Apple Mac Os X 10.4
1 EDB exploit
4.3
CVSSv2
CVE-2021-3933
An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t < 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLine value, which could lead to problems with application stability or lead to other attack paths.
Openexr Openexr
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Debian Debian Linux 11.0
4.3
CVSSv2
CVE-2021-20299
A flaw was found in OpenEXR's Multipart input file functionality. A crafted multi-part input file with no actual parts can trigger a NULL pointer dereference. The highest threat from this vulnerability is to system availability.
Openexr Openexr
Debian Debian Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »