mirror of
https://github.com/0xMarcio/cve.git
synced 2025-11-30 18:56:19 +00:00
940 B
940 B
CVE-2022-43600
Description
Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the xmax variable is set to 0xFFFF and m_spec.format is TypeDesc::UINT16
POC
Reference
Github
No PoCs found on GitHub currently.