[Pkg-phototools-devel] Bug#550424: openexr6: CVE-2009-1720, 1721, 1722 potential vectors for arbitrary code execution

Michael S Gilbert michael.s.gilbert at gmail.com
Fri Oct 9 22:52:10 UTC 2009


Package: openexr6
Version: 1.6.1
Severity: serious
Tags: security

Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for openexr6.

CVE-2009-1720[0]:
| Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow
| context-dependent attackers to cause a denial of service (application
| crash) or possibly execute arbitrary code via unspecified vectors that
| trigger heap-based buffer overflows, related to (1) the
| Imf::PreviewImage::PreviewImage function and (2) compressor
| constructors.  NOTE: some of these details are obtained from third
| party information.

CVE-2009-1721[1]:
| The decompression implementation in the Imf::hufUncompress function in
| OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a
| denial of service (application crash) or possibly execute arbitrary
| code via vectors that trigger a free of an uninitialized pointer.

CVE-2009-1722[2]:
| Heap-based buffer overflow in the compression implementation in
| OpenEXR 1.2.2 allows context-dependent attackers to cause a denial of
| service (application crash) or possibly execute arbitrary code via
| unspecified vectors.

These issues are already fixed in the stable releases.  If you fix the
vulnerabilities please also make sure to include the CVE ids in your
changelog entry.

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1720
    http://security-tracker.debian.net/tracker/CVE-2009-1720
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1721
    http://security-tracker.debian.net/tracker/CVE-2009-1721
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1722
    http://security-tracker.debian.net/tracker/CVE-2009-1722




More information about the Pkg-phototools-devel mailing list