Out-of-Bounds Read and Write Vulnerability in OpenEXR's DwaCompressor

Out-of-Bounds Read and Write Vulnerability in OpenEXR's DwaCompressor

CVE-2020-11762 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case.

Learn more about our Web Application Penetration Testing UK.