GHSA-99jg-r3f4-rpxj
Suggest an improvement- Source
- https://github.com/advisories/GHSA-99jg-r3f4-rpxj
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/12/GHSA-99jg-r3f4-rpxj/GHSA-99jg-r3f4-rpxj.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-99jg-r3f4-rpxj
- Aliases
- Published
- 2023-12-12T13:20:29Z
- Modified
- 2023-12-12T13:41:33.264924Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- memory overflow vulnerability in OpenEXR-viewer
- Details
-
Just open this exr file through openexr-viewer.
( poc send by email )
This is windbg log file.
[ POC 2 ] (8660.7e44): Access violation - code c0000005 (!!! second chance !!!) openexr_viewer+0x27be4: 00007ff7
13ff7be4 c744880c0000803f mov dword ptr [rax+rcx*4+0Ch],3F800000h ds:0000020a3ac8000c=????????Attempt to write the value 1.0 to the memory address 0x20A3AC8000C
[ POC 1 ] (1404.9264): Access violation - code c0000005 (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. openexr_viewer+0x27be4: 00007ff7
13ff7be4 c744880c0000803f mov dword ptr [rax+rcx*4+0Ch],3F800000h ds:0000029cb371600c=????????Attempt to write the value 1.0 to the memory address 0x29CB371600C
Credits Team : ZeroPointer 이동하 ( Lee Dong Ha of ZeroPointer Lab ) 정지민 ( Jeong Jimin of ZeroPointer Lab ) 박우진 ( Park Woojin of ZeroPointer Lab ) 전우진 ( Jeon Woojin of ZeroPointer Lab )
- Database specific
{ "nvd_published_at": "2023-12-11T23:15:08Z", "cwe_ids": [ "CWE-120" ], "severity": "CRITICAL", "github_reviewed": true, "github_reviewed_at": "2023-12-12T13:20:29Z" }- References