4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.048 Low
EPSS
Percentile
92.7%
Package : libraw
Version : 0.9.1-1+deb6u1
CVE ID : CVE-2015-3885
Debian Bug : 786788
CVE-2015-3885:
Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier
allows remote attackers to cause a denial of service (crash) via a
crafted image, which triggers a buffer overflow, related to the len
variable.
We recommend that you upgrade your libraw packages.
Matteo F. Vescovi || Debian Developer
GnuPG KeyID: 4096R/0x8062398983B2CF7A
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 6 | all | wireshark-common | < 1.8.2-5wheezy16~deb6u1 | wireshark-common_1.8.2-5wheezy16~deb6u1_all.deb |
Debian | 6 | all | wireshark-dev | < 1.8.2-5wheezy16~deb6u1 | wireshark-dev_1.8.2-5wheezy16~deb6u1_all.deb |
Debian | 6 | all | wireshark | < 1.8.2-5wheezy16~deb6u1 | wireshark_1.8.2-5wheezy16~deb6u1_all.deb |
Debian | 6 | all | wireshark-dbg | < 1.8.2-5wheezy16~deb6u1 | wireshark-dbg_1.8.2-5wheezy16~deb6u1_all.deb |
Debian | 6 | all | tshark | < 1.8.2-5wheezy16~deb6u1 | tshark_1.8.2-5wheezy16~deb6u1_all.deb |