{ "schema_version": "1.4.0", "id": "GHSA-g7x3-mh62-h5hm", "modified": "2022-05-02T03:27:53Z", "published": "2022-05-02T03:27:53Z", "aliases": [ "CVE-2009-1722" ], "details": "Heap-based buffer overflow in the compression implementation in OpenEXR 1.2.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-1722" }, { "type": "WEB", "url": "https://github.com/openexr/openexr/blob/master/CHANGES.md#version-170-july-23-2010" }, { "type": "WEB", "url": "http://lists.apple.com/archives/security-announce/2009/Aug/msg00001.html" }, { "type": "WEB", "url": "http://secunia.com/advisories/36032" }, { "type": "WEB", "url": "http://secunia.com/advisories/36096" }, { "type": "WEB", "url": "http://secunia.com/advisories/36753" }, { "type": "WEB", "url": "http://security.debian.org/pool/updates/main/o/openexr/openexr_1.2.2-4.3+etch2.diff.gz" }, { "type": "WEB", "url": "http://support.apple.com/kb/HT3757" }, { "type": "WEB", "url": "http://www.debian.org/security/2009/dsa-1842" }, { "type": "WEB", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2009:191" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/35838" }, { "type": "WEB", "url": "http://www.securitytracker.com/id?1022674" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-831-1" }, { "type": "WEB", "url": "http://www.us-cert.gov/cas/techalerts/TA09-218A.html" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2009/2035" }, { "type": "WEB", "url": "http://www.vupen.com/english/advisories/2009/2172" } ], "database_specific": { "cwe_ids": [ "CWE-119" ], "severity": "MODERATE", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2009-07-31T19:00:00Z" } }