CVE-2017-12596 - OpenCVE

In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution; it may result in denial of service or possibly unspecified other impact.

No CVSS v3.1

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Openexr	Openexr

Configuration 1 [-]

cpe:2.3:a:openexr:openexr:2.2.0:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/openexr/openexr/issues/238	Exploit Third Party Advisory
https://github.com/openexr/openexr/releases/tag/v2.3.0
https://github.com/xiaoqx/pocs/blob/master/openexr.md	Exploit Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/08/msg00056.html
https://usn.ubuntu.com/4148-1/

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-08-07T01:00:00

Updated: 2020-08-30T21:06:12

Reserved: 2017-08-06T00:00:00

Link: CVE-2017-12596

JSON object: View

NVD Information

Status : Modified

Published: 2017-08-07T01:29:00.343

Modified: 2020-08-30T22:15:11.323

Link: CVE-2017-12596

JSON object: View

Redhat Information

No data.

CWE

CWE-125

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-08-06T00:00:00", "descriptions": [{"lang": "en", "value": "In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution; it may result in denial of service or possibly unspecified other impact."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-08-30T21:06:12", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/xiaoqx/pocs/blob/master/openexr.md"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/openexr/openexr/issues/238"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/openexr/openexr/releases/tag/v2.3.0"}, {"name": "USN-4148-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4148-1/"}, {"name": "[debian-lts-announce] 20200830 [SECURITY] [DLA 2358-1] openexr security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00056.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-12596", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution; it may result in denial of service or possibly unspecified other impact."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/xiaoqx/pocs/blob/master/openexr.md", "refsource": "MISC", "url": "https://github.com/xiaoqx/pocs/blob/master/openexr.md"}, {"name": "https://github.com/openexr/openexr/issues/238", "refsource": "MISC", "url": "https://github.com/openexr/openexr/issues/238"}, {"name": "https://github.com/openexr/openexr/releases/tag/v2.3.0", "refsource": "CONFIRM", "url": "https://github.com/openexr/openexr/releases/tag/v2.3.0"}, {"name": "USN-4148-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4148-1/"}, {"name": "[debian-lts-announce] 20200830 [SECURITY] [DLA 2358-1] openexr security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00056.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-12596", "datePublished": "2017-08-07T01:00:00", "dateReserved": "2017-08-06T00:00:00", "dateUpdated": "2020-08-30T21:06:12", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openexr:openexr:2.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "DCA193BE-2354-4F9E-8415-F743BAAFEA2C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution; it may result in denial of service or possibly unspecified other impact."}, {"lang": "es", "value": "En OpenEXR 2.2.0, una imagen manipulada provoca una sobrelectura de b\u00fafer basada en memoria din\u00e1mica en la funci\u00f3n hufDecode en IlmImf/ImfHuf.cpp durante la ejecuci\u00f3n de exrmaketiled. Esto podr\u00eda tener como consecuencia una denegaci\u00f3n de servicio o, posiblemente, causar otro tipo de impacto no especificado."}], "id": "CVE-2017-12596", "lastModified": "2020-08-30T22:15:11.323", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-08-07T01:29:00.343", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/openexr/openexr/issues/238"}, {"source": "cve@mitre.org", "url": "https://github.com/openexr/openexr/releases/tag/v2.3.0"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/xiaoqx/pocs/blob/master/openexr.md"}, {"source": "cve@mitre.org", "url": "https://lists.debian.org/debian-lts-announce/2020/08/msg00056.html"}, {"source": "cve@mitre.org", "url": "https://usn.ubuntu.com/4148-1/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Primary"}]}