CVE-2017-1000450
Description
In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution or denial of service. This affects Opencv 3.3 and earlier.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Integer overflow in OpenCV's FillUniColor/FillUniGray functions can lead to remote code execution or denial of service via crafted images.
Vulnerability
In OpenCV version 3.3 and earlier, the functions FillUniColor and FillUniGray in modules/imgcodecs/src/utils.cpp do not validate the length of input data during image decoding, leading to an integer overflow. This flaw is reachable when the library processes images from untrusted sources, such as remote downloads. Affected versions include all OpenCV releases up to and including 3.3 [1][2][4].
Exploitation
An attacker can exploit this vulnerability by crafting a malicious image file that triggers the integer overflow during decoding. No authentication is required; the victim only needs to process the image (e.g., via cv::imread). The provided proof-of-concept demonstrates that calling cv::imread on a specially crafted file causes an out-of-bounds write, leading to a segmentation fault [3][4].
Impact
Successful exploitation can result in memory corruption, potentially enabling denial of service via application crash. If the image is loaded from a remote source, the attacker may achieve remote code execution, gaining arbitrary control over the affected system [1][2].
Mitigation
OpenCV released fixed versions starting from 3.4. Users should upgrade to OpenCV 3.4 or later. As of the publication date, no workaround is documented for earlier releases; upgrading is the recommended action [1][2][4].
- GitHub - opencv/opencv-python: Automated CI toolchain to produce precompiled opencv-python, opencv-python-headless, opencv-contrib-python and opencv-contrib-python-headless packages.
- NVD - CVE-2017-1000450
- pocs/opencv/0.OOB_Write_FillUniColor at master · blendin/pocs
- Out of bounds write causes Segmentation Fault
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
opencv-pythonPyPI | < 3.3.1.11 | 3.3.1.11 |
opencv-contrib-pythonPyPI | < 3.3.1.11 | 3.3.1.11 |
Affected products
2- ghsa-coords2 versions
< 3.3.1.11+ 1 more
- (no CPE)range: < 3.3.1.11
- (no CPE)range: < 3.3.1.11
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- github.com/advisories/GHSA-m43c-649m-pm48ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-1000450ghsaADVISORY
- github.com/blendin/pocs/blob/master/opencv/0.OOB_Write_FillUniColorghsax_refsource_MISCWEB
- github.com/opencv/opencv/issues/9723ghsax_refsource_MISCWEB
- github.com/opencv/opencv/pull/9726/commits/c58152d94ba878b2d7d76bcac59146312199b9ebghsaWEB
- lists.debian.org/debian-lts-announce/2018/01/msg00008.htmlghsamailing-listx_refsource_MLISTWEB
- lists.debian.org/debian-lts-announce/2018/07/msg00030.htmlghsamailing-listx_refsource_MLISTWEB
- lists.debian.org/debian-lts-announce/2021/10/msg00028.htmlghsamailing-listx_refsource_MLISTWEB
News mentions
0No linked articles in our index yet.