Vulnerability Details : CVE-2017-1000450
In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier.
Vulnerability category: OverflowExecute codeDenial of service
Products affected by CVE-2017-1000450
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:opencv:opencv:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-1000450
1.63%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 86 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-1000450
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
8.8
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2017-1000450
-
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-1000450
-
https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html
[SECURITY] [DLA 2799-1] opencv security updateMailing List;Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2018/01/msg00008.html
[SECURITY] [DLA 1235-1] opencv security updateMailing List;Third Party Advisory
-
https://github.com/blendin/pocs/blob/master/opencv/0.OOB_Write_FillUniColor
pocs/0.OOB_Write_FillUniColor at master · blendin/pocs · GitHubExploit;Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html
[SECURITY] [DLA 1438-1] opencv security updateMailing List;Third Party Advisory
-
https://github.com/opencv/opencv/issues/9723
Out of bounds write causes Segmentation Fault · Issue #9723 · opencv/opencv · GitHubExploit;Issue Tracking;Third Party Advisory
Jump to