Description
Stack-based buffer overflow in easyHDR PRO 1.60.2 allows user-assisted attackers to execute arbitrary code via an invalid Radiance RGBE (aka .hdr) file.
References (9)
Core 9
Core References
Vendor Advisory x_refsource_confirm
http://easyhdr.com/version.php
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/4941
Vendor Advisory x_refsource_misc
http://secunia.com/secunia_research/2008-61/
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2009/0190
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/33363
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/500192/100/0/threaded
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/33468
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/48119
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/51609
Scores
EPSS
0.0338
EPSS Percentile
87.4%
Details
CWE
CWE-119
Status
published
Products (1)
easyhdr/easyhdr
1.60.2
Published
Jan 22, 2009
Tracked Since
Feb 18, 2026