Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-99jg-r3f4-rpxj: memory overflow vulnerability in OpenEXR-viewer

Just open this exr file through openexr-viewer.

( poc send by email )

This is windbg log file.

[ POC 2 ] (8660.7e44): Access violation - code c0000005 (!!! second chance !!!) openexr_viewer+0x27be4: 00007ff713ff7be4 c744880c0000803f mov dword ptr [rax+rcx*4+0Ch],3F800000h ds:0000020a3ac8000c=???

Attempt to write the value 1.0 to the memory address 0x20A3AC8000C

[ POC 1 ] (1404.9264): Access violation - code c0000005 (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. openexr_viewer+0x27be4: 00007ff713ff7be4 c744880c0000803f mov dword ptr [rax+rcx*4+0Ch],3F800000h ds:0000029cb371600c=???

Attempt to write the value 1.0 to the memory address 0x29CB371600C

Credits Team : ZeroPointer 이동하 ( Lee Dong Ha of ZeroPointer Lab ) 정지민 ( Jeong Jimin of ZeroPointer Lab ) 박우진 ( Park Woojin of ZeroPointer Lab ) 전우진 ( Jeon Woojin of ZeroPointer Lab )

ghsa
Open in Source
#vulnerability

Just open this exr file through openexr-viewer.

( poc send by email )

This is windbg log file.

[ POC 2 ]
(8660.7e44): Access violation - code c0000005 (!!! second chance !!!)
openexr_viewer+0x27be4:
00007ff713ff7be4 c744880c0000803f mov dword ptr [rax+rcx*4+0Ch],3F800000h ds:0000020a3ac8000c=???

Attempt to write the value 1.0 to the memory address 0x20A3AC8000C

[ POC 1 ]
(1404.9264): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
openexr_viewer+0x27be4:
00007ff713ff7be4 c744880c0000803f mov dword ptr [rax+rcx*4+0Ch],3F800000h ds:0000029cb371600c=???

Attempt to write the value 1.0 to the memory address 0x29CB371600C

Credits
Team : ZeroPointer
이동하 ( Lee Dong Ha of ZeroPointer Lab )
정지민 ( Jeong Jimin of ZeroPointer Lab )
박우진 ( Park Woojin of ZeroPointer Lab )
전우진 ( Jeon Woojin of ZeroPointer Lab )

References

  • GHSA-99jg-r3f4-rpxj
  • https://nvd.nist.gov/vuln/detail/CVE-2023-50245
  • afichet/openexr-viewer@d0a7e85

Related news

CVE-2023-50245: memory overflow vulnerability in OpenEXR-viewer

OpenEXR-viewer is a viewer for OpenEXR files with detailed metadata probing. Versions prior to 0.6.1 have a memory overflow vulnerability. This issue is fixed in version 0.6.1.

ghsa: Latest News

GHSA-49cc-xrjf-9qf7: SFTPGo allows administrators to restrict command execution from the EventManager
ghsa