What is the severity of CVE-2009-1720?

CVE-2009-1720 is classified as having moderate severity due to its potential to cause denial of service and execute arbitrary code.

How do I fix CVE-2009-1720?

To fix CVE-2009-1720, users should upgrade to a patched version of OpenEXR, specifically versions later than 1.6.1.

What are the affected versions in CVE-2009-1720?

CVE-2009-1720 affects OpenEXR versions 1.2.2 and 1.6.1.

What type of vulnerabilities are associated with CVE-2009-1720?

CVE-2009-1720 is associated with multiple integer overflows that can lead to heap-based buffer overflows.

Can CVE-2009-1720 be exploited remotely?

Yes, CVE-2009-1720 can be potentially exploited by context-dependent attackers, making it a concern for security.

Vulnerability/
CVE-2009-1720

high

7.5

CWE

189 119 190

31/7/2009

23/10/2012

CVE-2009-1720: Buffer Overflow

First published: Fri Jul 31 2009(Updated: )

Multiple integer overflows in OpenEXR 1.2.2 and 1.6.1 allow context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors that trigger heap-based buffer overflows, related to (1) the Imf::PreviewImage::PreviewImage function and (2) compressor constructors. NOTE: some of these details are obtained from third party information.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
OpenEXR	=1.2.2
OpenEXR	=1.6.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-1720?
CVE-2009-1720 is classified as having moderate severity due to its potential to cause denial of service and execute arbitrary code.
How do I fix CVE-2009-1720?
To fix CVE-2009-1720, users should upgrade to a patched version of OpenEXR, specifically versions later than 1.6.1.
What are the affected versions in CVE-2009-1720?
CVE-2009-1720 affects OpenEXR versions 1.2.2 and 1.6.1.
What type of vulnerabilities are associated with CVE-2009-1720?
CVE-2009-1720 is associated with multiple integer overflows that can lead to heap-based buffer overflows.
Can CVE-2009-1720 be exploited remotely?
Yes, CVE-2009-1720 can be potentially exploited by context-dependent attackers, making it a concern for security.

agent/weakness
agent/references
agent/severity
agent/author
agent/description
agent/type
agent/event
agent/first-publish-date
agent/softwarecombine
agent/last-modified-date
agent/remedy
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/openexr
canonical/openexr
version/openexr/1.2.2
version/openexr/1.6.1

Frequently Asked Questions

What is the severity of CVE-2009-1720?
CVE-2009-1720 is classified as having moderate severity due to its potential to cause denial of service and execute arbitrary code.
How do I fix CVE-2009-1720?
To fix CVE-2009-1720, users should upgrade to a patched version of OpenEXR, specifically versions later than 1.6.1.
What are the affected versions in CVE-2009-1720?
CVE-2009-1720 affects OpenEXR versions 1.2.2 and 1.6.1.
What type of vulnerabilities are associated with CVE-2009-1720?
CVE-2009-1720 is associated with multiple integer overflows that can lead to heap-based buffer overflows.
Can CVE-2009-1720 be exploited remotely?
Yes, CVE-2009-1720 can be potentially exploited by context-dependent attackers, making it a concern for security.

CVE-2009-1720: Buffer Overflow

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-1720?

How do I fix CVE-2009-1720?

What are the affected versions in CVE-2009-1720?

What type of vulnerabilities are associated with CVE-2009-1720?

Can CVE-2009-1720 be exploited remotely?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2009-1720?

How do I fix CVE-2009-1720?

What are the affected versions in CVE-2009-1720?

What type of vulnerabilities are associated with CVE-2009-1720?

Can CVE-2009-1720 be exploited remotely?