CVE-2023-50245 – afichet/openexr-viewer

Package

Manager: github_actions
Name: afichet/openexr-viewer
Vulnerable Version: >=0 <0.6.1

Severity

Level: Critical

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS: 0.0267 pctl0.85247

Details

memory overflow vulnerability in OpenEXR-viewer Just open this exr file through openexr-viewer. ( poc send by email ) This is windbg log file. [ POC 2 ] (8660.7e44): Access violation - code c0000005 (!!! second chance !!!) openexr_viewer+0x27be4: 00007ff7`13ff7be4 c744880c0000803f mov dword ptr [rax+rcx*4+0Ch],3F800000h ds:0000020a`3ac8000c=???????? Attempt to write the value 1.0 to the memory address 0x20A3AC8000C [ POC 1 ] (1404.9264): Access violation - code c0000005 (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. openexr_viewer+0x27be4: 00007ff7`13ff7be4 c744880c0000803f mov dword ptr [rax+rcx*4+0Ch],3F800000h ds:0000029c`b371600c=???????? Attempt to write the value 1.0 to the memory address 0x29CB371600C Credits Team : ZeroPointer 이동하 ( Lee Dong Ha of ZeroPointer Lab ) 정지민    ( Jeong Jimin of ZeroPointer Lab ) 박우진    ( Park Woojin of ZeroPointer Lab ) 전우진    ( Jeon Woojin of ZeroPointer Lab )

Metadata

Created: 2023-12-12T13:20:29Z
Modified: 2023-12-12T13:20:29Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/12/GHSA-99jg-r3f4-rpxj/GHSA-99jg-r3f4-rpxj.json
CWE IDs: ["CWE-120"]
Alternative ID: GHSA-99jg-r3f4-rpxj
Finding: F316
Auto approve: 1