N/A

A stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0. A specially-crafted targa file can lead to out of bounds read and write on the process stack, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

栈缓冲区溢出

OpenImageIO 缓冲区错误漏洞

OpenImageIO是OpenImageIO开源的一个图像处理库。具有易于使用的界面和大量受支持的图像格式。 OpenImageIO v2.3.19.0版本存在安全漏洞，该漏洞源于其TGA文件格式解析器允许攻击者通过专门制作的targa文件实现基于栈的缓冲区溢出导致在流程堆栈上越界读写，从而导致任意代码执行。

N/A

N/A