VDB

CVE-2017-9111

CVE-2017-9111 PUBLISHED

In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h could cause the application to crash or execute arbitrary code.

EPSS 2.40% · 85.4th percentile

Risk Scores

EPSS Score
2.40%
85.4th percentile

Affected Products

VendorProductVersions
Ubuntu:20.04:LTSopenexr2.3.0-6, 2.3.0-6build1, 2.2.1-4.1ubuntu1
Ubuntu:16.04:LTSopenexr2.2.0-7ubuntu1, 0, 2.2.0-9ubuntu1
Ubuntu:18.04:LTSopenexr2.2.0-11.1ubuntu1, 2.2.0-11ubuntu1, 0

Timeline

  • May 21, 2017 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Dec 27, 2021 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Mar 11, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›