33 matches found
Linux Distros Unpatched Vulnerability : CVE-2013-1438
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a...
RHEL 7 : dcraw (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libraw: Stack based buffer overflow in the xtransinterpolate function CVE-2017-14265 - Unspecified...
RHEL 5 : dcraw (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - LibRaw: Index overflow in smaldecodesegment CVE-2015-8366 - Unspecified vulnerability in dcraw 0.8.x...
Mageia: Security Advisory (MGASA-2013-0301)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0011)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2014-0081)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 201309-09
Gentoo Linux Local Security Checks GLSA 201309-09 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Fedora Update for dcraw FEDORA-2015-8621
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for dcraw FEDORA-2015-8671
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandriva Linux Security Advisory : rawtherapee (MDVSA-2014:098)
Updated rawtherapee package fixes security vulnerability : Due to flaws in the embedded copy of dcraw in rawtherapee, corrupt input files might trigger a division by zero, an infinite loop, or a NULL pointer dereference CVE-2013-1438. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
Updated rawtherapee package fixes security vulnerability
Due to flaws in the embedded copy of dcraw in rawtherapee, corrupt input files might trigger a division by zero, an infinite loop, or a null pointer dereference CVE-2013-1438...
Updated xbmc package fixes a security vulnerability
Due to flaws in the embedded copy of libDCR, a fork of dcraw.c, in the embedded copy of CxImage, opening a specially crafted photo file could trigger a division by zero, an infinite loop, or a null pointer dereference, resulting in a denial of service CVE-2013-1438. This update fixes those flaws...
Updated darktable package fixes two vulnerabilities
Updated darktable package fixes security vulnerabilities: Darktable before version 1.2.3 contains an embedded copy of LibRaw that incorrectly handled photo files. If a user was tricked into processing a specially crafted photo file, darktable could be made to crash, resulting in a denial of servi...
Fedora Update for ufraw FEDORA-2013-22832
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for ufraw FEDORA-2013-22832
Check for the Version of ufraw OpenVAS Vulnerability Test Fedora Update for ufraw FEDORA-2013-22832 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
CVE-2013-1438
CVE-2013-1438 affects dcraw 0.8.x–0.8.9 (used by libraw, ufraw, shotwell). The underlying issue causes a denial of service when processing a crafted photo, via divide-by-zero, infinite loop, or NULL pointer dereference. Exploitation details are not provided beyond this and no official patch/versi...
Fedora 20 : dcraw-9.19-4.fc20 (2013-22854)
This update hardens dcraw against corrupt input files which might trigger a division by zero, an infinite loop, or a NULL pointer dereference otherwise. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempt...
Fedora Update for ufraw FEDORA-2013-22899
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for ufraw FEDORA-2013-22924
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for dcraw FEDORA-2013-22929
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...