Peter Hillman

4 exploits Active since Dec 2020
CVE-2020-16588 WRITEUP MEDIUM WRITEUP
OpenEXR 2.3.0 - Denial of Service via Crafted EXR File
A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file.
CVSS 5.5
CVE-2020-16589 WRITEUP MEDIUM WRITEUP
OpenEXR 2.3.0 - Denial of Service via Crafted EXR File
A head-based buffer overflow exists in Academy Software Foundation OpenEXR 2.3.0 in writeTileData in ImfTiledOutputFile.cpp that can cause a denial of service via a crafted EXR file.
CVSS 5.5
CVE-2021-20298 WRITEUP HIGH WRITEUP
OpenEXR < 2.5.7 - Denial of Service via B44Compressor Memory Exhaustion
A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability.
CVSS 7.5
CVE-2021-45942 WRITEUP MEDIUM WRITEUP
OpenEXR 3.1.0-3.1.3 - Heap-Based Buffer Overflow in LineCompositeTask
OpenEXR 3.1.x before 3.1.4 has a heap-based buffer overflow in Imf_3_1::LineCompositeTask::execute (called from IlmThread_3_1::NullThreadPoolProvider::addTask and IlmThread_3_1::ThreadPool::addGlobalTask). NOTE: db217f2 may be inapplicable.
CVSS 5.5