Stack overflow

2018-11-2905:29:00

PRIOn knowledge base

www.prio-n.com

8.7 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.3%

JSON

A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file.

CPENameOperatorVersion
dcrawle9.28
suse_linux_enterprise_desktopeq12 sp3
suse_linux_enterprise_desktopeq12 sp4
suse_linux_enterprise_servereq11 sp4
suse_linux_enterprise_servereq12 sp3
suse_linux_enterprise_servereq12 sp4

Name	Operator	Version
dcraw	le	9.28
suse_linux_enterprise_desktop	eq	12 sp3
suse_linux_enterprise_desktop	eq	12 sp4
suse_linux_enterprise_server	eq	11 sp4
suse_linux_enterprise_server	eq	12 sp3
suse_linux_enterprise_server	eq	12 sp4