CVE-2017-12864 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2017-12864 Interim 1 9 2023-12-09T01:01:32Z current 2021-05-30T14:00:17Z 2023-12-09T01:01:32Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2017-12864 In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/URR7ZTQMPM6274QIWGAZ4FFPOQFELG44/#URR7ZTQMPM6274QIWGAZ4FFPOQFELG44 E-Mail link for openSUSE-SU-2018:1385-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings In opencv/modules/imgcodecs/src/grfmt_pxm.cpp, function ReadNumber did not checkout the input length, which lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier. CVE-2017-12864 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H