15 matches found
OESA-2024-2366 dcraw security update
This package contains dcraw, a command line tool to decode raw image data downloaded from digital cameras. Security Fixes: CVE-2017-13735 CVE-2017-14608 A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remot...
OESA-2024-2363 dcraw security update
This package contains dcraw, a command line tool to decode raw image data downloaded from digital cameras. Security Fixes: CVE-2017-13735 CVE-2017-14608 A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remot...
Denial of Service (DoS)
Overview org.webjars.npm:pacote is a JavaScript package downloader Affected versions of this package are vulnerable to Denial of Service DoS via the addGitSha function. An attacker can exploit this vulnerability by supplying a specially crafted spec.rawSpec value that triggers the function’s rege...
SUSE CVE-2014-9640
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted raw file...
SUSE CVE-2018-19655
A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file...
dcraw 输入验证错误漏洞
dcraw is a set of open source tools for converting camera-shot RAW film into PPM or TIFF format images. A security vulnerability exists in dcraw, which stems from an integer overflow vulnerability. An attacker could execute arbitrary code on the victim's system via a maliciously crafted X3F input...
UBUNTU-CVE-2018-19655
A stack-based buffer overflow in the findgreen function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file...
LibRaw: Stack-based buffer overflow in quicktake_100_load_raw() function in internal/dcraw_common.cpp
LibRaw is vulnerable to stack-based buffer overflow in internal/dcrawcommon.cpp:quicktake100loadraw function when processing specially-crafted RAW data. An attacker could potentially use this flaw to cause an arbitrary code execution or denial of service...
LibRaw: NULL pointer dereference in leaf_hdr_load_raw() function in internal/dcraw_common.cpp
A NULL pointer dereference vulnerability in internal/dcrawcommon.cpp:leafhdrloadraw function was found in LibRaw. A user can cause a denial of service when processing specially-crafted RAW data...
dcraw -- integer overflow condition
ocert reports: The dcraw tool, as well as several other projects re-using its code, suffers from an integer overflow condition which lead to a buffer overflow. The vulnerability concerns the 'len' variable, parsed without validation from opened images, used in the ljpegstart function. A malicious...
Updated vorbis-tools package fixes security vulnerability
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted raw file CVE-2014-9640...
Vorbis Tools Denial of Service Vulnerability (CNVD-2015-00651)
vorbis-tools is a set of Ogg an audio compression format vorbis tools. A security vulnerability exists in the oggenc/oggenc.c file in vorbis-tools version 1.4.0. A local attacker can exploit this vulnerability to cause a denial of service out-of-bounds read with a specially crafted raw file...
DEBIAN-CVE-2014-9640
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted raw file...
CVE-2014-9640
oggenc/oggenc.c in vorbis-tools 1.4.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted raw file...
CVE-2010-1846
Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted RAW image...