CVE-2019-6203
https://notcve.org/view.php?id=CVE-2019-6203
A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. An attacker in a privileged network position may be able to intercept network traffic. Se abordó un problema lógico con una administración de estado mejorada. Este problema está corregido en iOS versión 12.2, macOS Mojave versión 10.14.4, tvOS versión 12.2. • https://github.com/qingxp9/CVE-2019-6203-PoC https://support.apple.com/HT209599 https://support.apple.com/HT209600 https://support.apple.com/HT209601 •
CVE-2020-11758
https://notcve.org/view.php?id=CVE-2020-11758
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read in ImfOptimizedPixelReading.h. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta una lectura fuera de límites en el archivo ImfOptimizedPixelReading.h. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html https://bugs.chromium.org/p/project-zero/issues/detail?id=1987 https://github.com/AcademySoftwareFoundation/openexr/blob/master/CHANGES.md#version-241-february-11-2020 https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.4.1 https://lists.debian.org/debian-lts-announce/2020/08/msg00056.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4KFGDQG5PVYAU7TS5MZ7XCS6EMPVII3 https:// • CWE-125: Out-of-bounds Read •
CVE-2020-11760
https://notcve.org/view.php?id=CVE-2020-11760
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta una lectura fuera de límites durante una descompresión RLE en la función rleUncompress en el archivo ImfRle.cpp. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html https://bugs.chromium.org/p/project-zero/issues/detail?id=1987 https://github.com/AcademySoftwareFoundation/openexr/blob/master/CHANGES.md#version-241-february-11-2020 https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.4.1 https://lists.debian.org/debian-lts-announce/2020/08/msg00056.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4KFGDQG5PVYAU7TS5MZ7XCS6EMPVII3 https:// • CWE-125: Out-of-bounds Read •
CVE-2020-11761 – OpenEXR: out-of-bounds read during Huffman uncompression
https://notcve.org/view.php?id=CVE-2020-11761
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta una lectura fuera de límites durante la descompresión de Huffman, como es demostrado por la función FastHufDecoder::refill en el archivo ImfFastHuf.cpp. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html https://bugs.chromium.org/p/project-zero/issues/detail?id=1987 https://github.com/AcademySoftwareFoundation/openexr/blob/master/CHANGES.md#version-241-february-11-2020 https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.4.1 https://lists.debian.org/debian-lts-announce/2020/08/msg00056.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4KFGDQG5PVYAU7TS5MZ7XCS6EMPVII3 https:// • CWE-125: Out-of-bounds Read •
CVE-2020-11762
https://notcve.org/view.php?id=CVE-2020-11762
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case. Se detectó un problema en OpenEXR versiones anteriores a 2.4.1. Se presenta una lectura y escritura fuera de límites en la función DwaCompressor::uncompress en el archivo ImfDwaCompressor.cpp cuando se maneja el caso de compresión DESCONOCIDO. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00051.html https://bugs.chromium.org/p/project-zero/issues/detail?id=1987 https://github.com/AcademySoftwareFoundation/openexr/blob/master/CHANGES.md#version-241-february-11-2020 https://github.com/AcademySoftwareFoundation/openexr/releases/tag/v2.4.1 https://lists.debian.org/debian-lts-announce/2020/08/msg00056.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4KFGDQG5PVYAU7TS5MZ7XCS6EMPVII3 https:// • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •