Back to search
CVE-2009-1720
Published: Jul 31, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors that trigger heap-based buffer overflows, related to (1) the Imf::PreviewImage::PreviewImage function and (2) compressor constructors. NOTE: some of these details are obtained from third party information.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
FEDORA-2009-8132
vendor-advisory
x_refsource_FEDORA
http://support.apple.com/kb/HT3757
x_refsource_CONFIRM
36123
third-party-advisory
x_refsource_SECUNIA
FEDORA-2009-8136
vendor-advisory
x_refsource_FEDORA
MDVSA-2009:191
vendor-advisory
x_refsource_MANDRIVA
36753
third-party-advisory
x_refsource_SECUNIA
ADV-2009-2035
vdb-entry
x_refsource_VUPEN
36096
third-party-advisory
x_refsource_SECUNIA
DSA-1842
vendor-advisory
x_refsource_DEBIAN
MDVSA-2009:190
vendor-advisory
x_refsource_MANDRIVA
36030
third-party-advisory
x_refsource_SECUNIA
36032
third-party-advisory
x_refsource_SECUNIA
APPLE-SA-2009-08-05-1
vendor-advisory
x_refsource_APPLE
35838
vdb-entry
x_refsource_BID
1022674
vdb-entry
x_refsource_SECTRACK
USN-831-1
vendor-advisory
x_refsource_UBUNTU
ADV-2009-2172
vdb-entry
x_refsource_VUPEN
TA09-218A
third-party-advisory
x_refsource_CERT
SUSE-SR:2009:014
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now