268 matches found
CVE-2018-19568
The CVE-2018-19568 issue affects the dcraw code (kodak_radc_load_raw) used by applications bundling dcraw; a floating point exception could crash the host app when fed malicious files. Public details in connected docs confirm the vulnerability is in dcraw up through version 9.28 and that openSUSE...
CVE-2018-19565
A buffer over-read in cropmaskedpixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...
CVE-2018-19567
A floating point exception in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code...
CVE-2018-19566
A heap buffer over-read in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...
CVE-2018-19565
CVE-2018-19565 is a vulnerability in LibRaw/dcraw (up to dcraw 9.28) caused by a buffer over-read in crop_masked_pixels, which can allow a crafted image to crash the host application that bundles the dcraw code or leak private information. The Connected documents (Red Hat, openSUSE, SUSE security...
CVE-2018-19567
CVE-2018-19567 stems from a floating point exception in parse_tiff_ifd within dcraw up to version 9.28. The issue could be triggered by processing malicious TIFFs in environments that bundle dcraw code, potentially crashing the host application that uses these components. The Connected documents ...
CVE-2018-19568
A floating point exception in kodakradcloadraw in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code...
CVE-2018-19566
CVE-2018-19566 is a heap buffer over-read in parse_tiff_ifd in the dcraw code (up to version 9.28). Exploitation could crash the host application or leak private information when processing malicious TIFF files. Connected sources indicate fixes in dcraw-9.28.0-2.1 (openSUSE), but no vendor-specif...
CVE-2018-19568
A floating point exception in kodakradcloadraw in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code...
CVE-2018-19565
A buffer over-read in cropmaskedpixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...
CVE-2018-19566
A heap buffer over-read in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...
CVE-2018-19567
A floating point exception in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code...
LibRaw 'leaf_hdr_load_raw()' Function Denial of Service Vulnerability
LibRaw is a C++ library developed by the LibRaw team for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. A security vulnerability exists in the 'leafhdrloadraw' function in the internal/dcrawcommon.cpp file in LibRaw versions prior to 0.18.8. An attacker can exploit this...
LibRaw: Stack-based buffer overflow in quicktake_100_load_raw() function in internal/dcraw_common.cpp
LibRaw is vulnerable to stack-based buffer overflow in internal/dcrawcommon.cpp:quicktake100loadraw function when processing specially-crafted RAW data. An attacker could potentially use this flaw to cause an arbitrary code execution or denial of service...
LibRaw 'rollei_load_raw()' function heap buffer overflow vulnerability
LibRaw is a C++ library for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. A heap buffer overflow vulnerability exists in the 'rolleiloadraw' function in the internal/dcrawcommon.cpp file in LibRaw versions prior to 0.18.9. A remote attacker can exploit this vulnerability with th...
openSUSE Security Update : libraw (openSUSE-2018-849)
This update for libraw fixes the following issues : The following security vulnerabilities were addressed : - CVE-2018-5813: Fixed an error within the 'parseminolta' function dcraw/dcraw.c that could be exploited to trigger an infinite loop via a specially crafted file. This could be exploited to...
UBUNTU-CVE-2018-5813
An error within the "parseminolta" function dcraw/dcraw.c in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite loop via a specially crafted file...
CVE-2018-5813
An error within the "parseminolta" function dcraw/dcraw.c in LibRaw versions prior to 0.18.11 can be exploited to trigger an infinite loop via a specially crafted file...
[SECURITY] Fedora 27 Update: dcraw-9.28.0-1.fc27
This package contains dcraw, a command line tool to decode raw image data downloaded from digital cameras...
LibRaw 'LibRaw::kodak_ycbcr_load_raw()' function heap buffer overflow vulnerability
LibRaw is a C++ library developed by the LibRaw team for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. A heap buffer overflow vulnerability exists in the 'LibRaw::kodakycbcrloadraw' function in versions prior to LibRaw 0.18.7 file internal/dcrawcommon.cpp. An attacker could...