Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 1842-1 (openexr)
The remote host is missing an update to openexr
announced via advisory DSA 1842-1.

Several vulnerabilities have been discovered in the OpenEXR image
library, which can lead to the execution of arbitrary code. The Common
Vulnerabilities and Exposures project identifies the following problems:


Drew Yao discovered integer overflows in the preview and
compression code.


Drew Yao discovered that an uninitialised pointer could be freed
in the decompression code.


A buffer overflow was discovered in the compression code.

For the old stable distribution (etch), these problems have been fixed
in version 1.2.2-4.3+etch2.

For the stable distribution (lenny), these problems have been fixed
in version 1.6.1-3+lenny3.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your openexr packages.


CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-1720
BugTraq ID: 35838
Cert/CC Advisory: TA09-218A
Debian Security Information: DSA-1842 (Google Search)
SuSE Security Announcement: SUSE-SR:2009:014 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2009-1721
Common Vulnerability Exposure (CVE) ID: CVE-2009-1722
CopyrightCopyright (c) 2009 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.