PT-2009-2918 · Ohanem · Easyhdr Pro
Stefan Cornelius
·
Publicado
2009-01-22
·
Atualizado
2018-10-11
·
CVE-2009-0246
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
easyHDR PRO version 1.60.2
Description
The issue is a stack-based buffer overflow that allows attackers to execute arbitrary code. This can be achieved by using an invalid Radiance RGBE file, also known as a .hdr file.
Recommendations
For easyHDR PRO version 1.60.2, avoid using invalid Radiance RGBE files until a patch is available. As a temporary workaround, consider restricting the use of .hdr files to minimize the risk of exploitation.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Easyhdr Pro