OpenEXR : CVE-2017-14988 : DOS in Header::readfrom

["NOIRFATE" <noirfate () vip qq com>]

Description:
The Header::readfrom function may allocate any size of memory specified by user via a crafted exr image file, and cause 
DOS.

Affected version:
openexr 2.2.0

Fixed version:
No upstream fix available

Details:
https://github.com/openexr/openexr/issues/248

Credit:
This bug was discovered by Yihan Lian of GearTeam at Qihoo360

CVE:
CVE-2017-14988