The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of…
mitre·CWE-617·Published 2018-03-05
The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (pixels <= (1<<30)) may be false. Note: “OpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters.
The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (pixels <= (1<<30)) may be false. Note: “OpenCV CV_Assert is not an assertion (C-like assert()), it is regular C++ exception which can raised in case of invalid or non-supported parameters.
** EN DISPUTA ** La función validateInputImageSize en modules / imgcodecs / src / loadsave.cpp en OpenCV 3.4.1 permite a los atacantes remotos causar una denegación de servicio (assertion failure) porque (píxeles <= (1 << 30)) puede ser falso. Nota: "OpenCV CV_Assert no es una aserción (C-like assert()), es una excepción normal de C ++ que se puede generar en caso de parámetros no válidos o no admitidos".
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 5.0 | 10.0 | 2.9 | AV:N/AC:L/Au:N/C:N/I:N/A:P |
| 3.0 | Primary | NVD | 7.5 | 3.9 | 3.6 | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |