Total vulnerabilities in the database
The decompression implementation in the Imf::hufUncompress function in OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors that trigger a free of an uninitialized pointer.
| Software | From | Fixed in |
|---|---|---|
| openexr / openexr | 1.2.2 | 1.2.2.x |
| openexr / openexr | 1.6.1 | 1.6.1.x |
| opensuse / opensuse | 11.0 | 11.0.x |
| opensuse / opensuse | 10.3 | 10.3.x |
| opensuse / opensuse | 10.0 | 10.0.x |
| apple / mac_os_x | - | 10.5.8 |
| debian / debian_linux | 5.0 | 5.0.x |
| debian / debian_linux | 4.0 | 4.0.x |
| canonical / ubuntu_linux | 9.04 | 9.04.x |
| canonical / ubuntu_linux | 8.10 | 8.10.x |
| canonical / ubuntu_linux | 8.04 | 8.04.x |
| fedoraproject / fedora | 11 | 11.x |
| fedoraproject / fedora | 10 | 10.x |