Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DLA-243-1
HistoryJun 10, 2015 - 12:00 a.m.

libraw - security update

2015-06-1000:00:00
Google
osv.dev
7

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

JSON

[This DLA supersedes my wrong announcement using DLA 241-1]

  • CVE-2015-3885
    Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier
    allows remote attackers to cause a denial of service (crash) via a
    crafted image, which triggers a buffer overflow, related to the len
    variable.

We recommend that you upgrade your libraw packages.

CPENameOperatorVersion
libraweq0.9.1-1

Related

prion 1
fedora 16
nessus 28
debian 4
openvas 29
gentoo 3
osv 1
mageia 6
debiancve 1
cve 1
freebsd 1
veracode 1
ubuntucve 1
ubuntu 1
prion
prion
Integer overflow
2015-05-19 18:59:00
fedora
fedora
[SECURITY] Fedora 22 Update: mingw-LibRaw-0.16.1-1.fc22
2015-05-26 03:20:24
[SECURITY] Fedora 22 Update: rawtherapee-4.2-9.fc22
2015-05-27 16:06:07
[SECURITY] Fedora 20 Update: LibRaw-0.15.4-2.fc20
2015-05-26 03:37:12
nessus
nessus
EulerOS 2.0 SP3 : dcraw (EulerOS-SA-2019-2567)
2019-12-19 00:00:00
Fedora 21 : ufraw-0.21-1.fc21 (2015-8717)
2015-06-09 00:00:00
Fedora 21 : mingw-LibRaw-0.16.2-1.fc21 (2015-8498)
2015-05-29 00:00:00
debian
debian
[SECURITY] [DLA 243-1] libraw security update
2015-06-10 20:19:37
[SECURITY] [DLA 241-1] libraw security update
2015-06-10 12:10:26
[SECURITY] [DLA 228-1] exactimage security update
2015-05-28 07:14:06
openvas
openvas
Huawei EulerOS: Security Advisory for dcraw (EulerOS-SA-2019-2567)
2020-01-23 00:00:00
Mageia: Security Advisory (MGASA-2015-0224)
2022-01-28 00:00:00
Mageia: Security Advisory (MGASA-2015-0230)
2022-01-28 00:00:00
gentoo
gentoo
DCRaw: Buffer overflow
2017-01-23 00:00:00
Kodi: Multiple vulnerabilities
2017-06-20 00:00:00
LibRaw: Multiple vulnerabilities
2017-01-24 00:00:00
osv
osv
exactimage - security update
2015-05-28 00:00:00
mageia
mageia
Updated ufraw & dcraw packages fix CVE-2015-3885
2015-05-13 20:18:54
Updated rawtherapee packages fix CVE-2015-3885
2015-05-13 20:18:54
Updated xbmc packages fix CVE-2015-3885
2015-05-18 22:08:05
debiancve
debiancve
CVE-2015-3885
2015-05-19 18:59:00
cve
cve
CVE-2015-3885
2015-05-19 18:59:00
freebsd
freebsd
dcraw -- integer overflow condition
2015-04-24 00:00:00
veracode
veracode
Buffer Overflow
2023-12-28 15:12:15
ubuntucve
ubuntucve
CVE-2015-3885
2015-05-19 00:00:00
ubuntu
ubuntu
LibRaw vulnerabilities
2017-11-22 00:00:00

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

JSON
Related for OSV:DLA-243-1
prion1fedora16nessus28debian4openvas29gentoo3osv1mageia6debiancve1cve1freebsd1veracode1ubuntucve1ubuntu1