Lucene search

K

RedhatCVELIST:CVE-2013-2126

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2013-2126

2022-10-0316:15:02

redhat

www.cve.org

6

libraw

double free

vulnerabilities

denial of service

execute arbitrary code

full-color

foveon

sraw

image file

AI Score

8.2

Confidence

High

EPSS

0.017

Percentile

87.9%

Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file.

References

lists.opensuse.org/opensuse-updates/2013-06/msg00193.html

lists.opensuse.org/opensuse-updates/2013-06/msg00195.html

secunia.com/advisories/53547

secunia.com/advisories/53883

secunia.com/advisories/53888

secunia.com/advisories/53938

www.libraw.org/news/libraw-0-15-2

www.openwall.com/lists/oss-security/2013/05/29/7

www.openwall.com/lists/oss-security/2013/06/10/1

www.ubuntu.com/usn/USN-1884-1

www.ubuntu.com/usn/USN-1885-1

github.com/LibRaw/LibRaw/commit/19ffddb0fe1a4ffdb459b797ffcf7f490d28b5a6

AI Score

8.2

Confidence

High

EPSS

0.017

Percentile

87.9%

Related for CVELIST:CVE-2013-2126

openvas137 nessus2 fedora58 securityvulns1 prion1 mageia1