Package name
OpenEXR
Date
2009-08-02
Advisory ID
MDVSA-2009:191
Affected versions
CS4.0 x86_64, CS4.0 i586

Problem description

Multiple vulnerabilities have been found and corrected in OpenEXR:

Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1
allow context-dependent attackers to cause a denial of service
(application crash) or possibly execute arbitrary code via unspecified
vectors that trigger heap-based buffer overflows, related to (1)
the Imf::PreviewImage::PreviewImage function and (2) compressor
constructors. NOTE: some of these details are obtained from third
party information (CVE-2009-1720).

The decompression implementation in the Imf::hufUncompress function in
OpenEXR 1.2.2 and 1.6.1 allows context-dependent attackers to cause a
denial of service (application crash) or possibly execute arbitrary
code via vectors that trigger a free of an uninitialized pointer
(CVE-2009-1721).

Buffer overflow in the compression implementation in OpenEXR 1.2.2
allows context-dependent attackers to cause a denial of service
(application crash) or possibly execute arbitrary code via unspecified
vectors (CVE-2009-1722).

This update provides fixes for these vulnerabilities.

Updated packages

CS4.0 x86_64

 2443eed8b8599126300fb61f17b14c8c  corporate/4.0/x86_64/lib64OpenEXR2-1.2.2-3.1.20060mlcs4.x86_64.rpm
 8c57f91c078821221feaf1bb390d9925  corporate/4.0/x86_64/lib64OpenEXR2-devel-1.2.2-3.1.20060mlcs4.x86_64.rpm
 d8264dce1156e9c60f58f6765d38d317  corporate/4.0/x86_64/OpenEXR-1.2.2-3.1.20060mlcs4.x86_64.rpm 
 13ad97aee38294f44fb49312b13fd2ad  corporate/4.0/SRPMS/OpenEXR-1.2.2-3.1.20060mlcs4.src.rpm

CS4.0 i586

 946b1c4d8a4c50aa6130e76c3d6fff06  corporate/4.0/i586/libOpenEXR2-1.2.2-3.1.20060mlcs4.i586.rpm
 7f596e5869c12f454dcbd0341e445624  corporate/4.0/i586/libOpenEXR2-devel-1.2.2-3.1.20060mlcs4.i586.rpm
 c3932240bc5e30f064a5befba72956f1  corporate/4.0/i586/OpenEXR-1.2.2-3.1.20060mlcs4.i586.rpm 
 13ad97aee38294f44fb49312b13fd2ad  corporate/4.0/SRPMS/OpenEXR-1.2.2-3.1.20060mlcs4.src.rpm
