DSA-1842 openexr -- several vulnerabilitiesID: oval:org.mitre.oval:def:7863 | Date: (C)2009-12-15 (M)2024-02-15 |
Class: PATCH | Family: unix |
Several vulnerabilities have been discovered in the OpenEXR image library, which can lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: Drew Yao discovered integer overflows in the preview and compression code. Drew Yao discovered that an uninitialised pointer could be freed in the decompression code. A buffer overflow was discovered in the compression code.
Platform: |
Debian 5.0 |
Debian 4.0 |