mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-31 10:40:54 +00:00
939 B
939 B
CVE-2022-43602
Description
Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the ymax variable is set to 0xFFFF and m_spec.format is TypeDesc::UINT8
POC
Reference
Github
No PoCs found on GitHub currently.