Description


A heap-buffer overflow was found in the copyIntoFrameBuffer function of OpenEXR in versions before 3.0.1. An attacker could use this flaw to execute arbitrary code with the permissions of the user running the application compiled against OpenEXR.

Related CPE's


Vulnerable

o

fedoraproject

fedora

2

Weaknesses



CWE-787


CWE-787

CVSS impact metrics


CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.8 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information


Source identifier

[email protected]

Vulnerability status

Modified

Published

2021-06-08T12:15:10.413

4 years ago

Last modified

2023-11-07T03:30:49.020

1 year ago