https://blog.qife122.com/tags/openexr/ Recent content in OpenEXR on 办公AI智能小助手 Hugo zh-cn qife Mon, 29 Dec 2025 06:46:15 +0800 https://blog.qife122.com/p/openexr%E9%AB%98%E5%8D%B1%E5%A0%86%E6%BA%A2%E5%87%BA%E6%BC%8F%E6%B4%9E%E6%B7%B1%E5%BA%A6%E5%89%96%E6%9E%90cve-2025-12839%E6%8A%80%E6%9C%AF%E7%BB%86%E8%8A%82%E4%B8%8E%E7%BC%93%E8%A7%A3%E6%96%B9%E6%A1%88/ Mon, 29 Dec 2025 06:46:15 +0800 https://blog.qife122.com/p/openexr%E9%AB%98%E5%8D%B1%E5%A0%86%E6%BA%A2%E5%87%BA%E6%BC%8F%E6%B4%9E%E6%B7%B1%E5%BA%A6%E5%89%96%E6%9E%90cve-2025-12839%E6%8A%80%E6%9C%AF%E7%BB%86%E8%8A%82%E4%B8%8E%E7%BC%93%E8%A7%A3%E6%96%B9%E6%A1%88/ <h3 id="cve-2025-12839cwe-122academy-software-foundation-openexr-堆缓冲区溢出">CVE-2025-12839：CWE-122：Academy Software Foundation OpenEXR 堆缓冲区溢出</h3> <p><strong>严重性：高</strong> <strong>类型：漏洞</strong></p> <p><strong>CVE-2025-12839</strong> Academy Software Foundation OpenEXR EXR文件解析堆缓冲区溢出远程代码执行漏洞。此漏洞允许远程攻击者在受影响的Academy Software Foundation OpenEXR安装上执行任意代码。利用此漏洞需要用户交互，即目标必须访问恶意页面或打开恶意文件。</p>