CVE-2017-12864

Name of the Vulnerable Software and Affected Versions: OpenCV versions 3.3 and earlier

Description: The issue is related to an integer overflow in the ReadNumber function in opencv/modules/imgcodecs/src/grfmt pxm.cpp. This can lead to remote code execution or denial of service if the image is from a remote source. The vulnerability may allow an attacker to access confidential data, compromise its integrity, and cause a denial of service using a specially crafted file.

Recommendations: For OpenCV versions 3.3 and earlier, consider disabling the ReadNumber function in opencv/modules/imgcodecs/src/grfmt pxm.cpp as a temporary workaround until a patch is available. Restrict access to remote images to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.