CVE-2017-9114
- EPSS 2%
- Veröffentlicht 21.05.2017 18:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash.
CVE-2017-9113
- EPSS 3.14%
- Veröffentlicht 21.05.2017 18:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp could cause the application to crash or execute arbitrary code.
CVE-2017-9112
- EPSS 1.85%
- Veröffentlicht 21.05.2017 18:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash.
CVE-2017-9111
- EPSS 3.17%
- Veröffentlicht 21.05.2017 18:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h could cause the application to crash or execute arbitrary code.
CVE-2017-9110
- EPSS 1.73%
- Veröffentlicht 21.05.2017 18:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash.
CVE-2009-1721
- EPSS 4.29%
- Veröffentlicht 31.07.2009 19:00:01
- Zuletzt bearbeitet 16.06.2026 23:07:54
The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of a...
CVE-2009-1722
- EPSS 4.54%
- Veröffentlicht 31.07.2009 19:00:01
- Zuletzt bearbeitet 16.06.2026 23:07:55
Heap-based buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.
CVE-2009-1720
- EPSS 6.44%
- Veröffentlicht 31.07.2009 19:00:01
- Zuletzt bearbeitet 16.06.2026 23:07:54
Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors that trigger heap-based buffer overflows, related to (...