Computer Security
[EN] securityvulns.ru no-pyccku


libraw / libKDCraw DoS
Published:01.10.2013
Source:
SecurityVulns ID:13290
Type:library
Threat Level:
5/10
Description:Crash on raw images parsing.
Affected:LIBRAW : libraw 0.15
CVE:CVE-2013-1439 (The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers cause a denial of service (NULL pointer dereference) via a crafted photo file.)
 CVE-2013-1438 (Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a denial of service via a crafted photo file that triggers a (1) divide-by-zero, (2) infinite loop, or (3) NULL pointer dereference.)
Original documentdocumentUBUNTU, [USN-1978-1] libKDcraw vulnerabilities (01.10.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod