29 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-5819
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An error within the parsesinaria function internal/dcrawcommon.cpp within LibRaw versions prior to 0.19.1 can be exploited to exhaust available CPU resources...
Out-of-bounds Read
libraw.so is vulnerable to an out-of-bounds read. The vulnerability is due to the kodak65000loadraw function within dcraw.c and dcrawcommon.cpp using unchecked index to access the curve array, potentially leading to accessing memory outside the array's valid range. This issue could allow an...
CVE-2020-22628
Buffer Overflow vulnerability in LibRaw::stretch function in libraw\src\postprocessing\aspectratio.cpp...
LibRaw: stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp
There is a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact...
CVE-2018-5818
An error within the "parserollei" function internal/dcrawcommon.cpp within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop...
CVE-2018-5819
CVE-2018-5819 affects LibRaw prior to 0.19.1, where an issue in parse_sinar_ia() (internal/dcraw_common.cpp) can be exploited to exhaust CPU resources (denial of service). The vulnerability is documented across multiple sources linked to LibRaw versions before 0.19.1, with Debian LTS advisory DLA...
CVE-2018-5818
An error within the "parserollei" function internal/dcrawcommon.cpp within LibRaw versions prior to 0.19.1 can be exploited to trigger an infinite loop...
Denial Of Service (DoS)
libraw.so is vulnerable to denial of service. A flaw in the parserollei function in internal/dcrawcommon.cpp allows a remote attacker to cause the application to enter into an infinite loop, resulting in a denial of service condition...
LibRaw stack buffer overflow vulnerability (CNVD-2018-26473)
LibRaw is a C++ library developed by the LibRaw team for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. A stack-based buffer overflow vulnerability exists in the 'parsemakernote' function of the dcrawcommon.cpp file in LibRaw version 0.19.1. An attacker can exploit this...
Stack overflow
There is a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact...
CVE-2018-20337
There is a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact...
CVE-2018-20337
There is a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact...
LibRaw 'identify()' function integer overflow vulnerability
LibRaw is a C++ library developed by the LibRaw team for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. An integer overflow vulnerability exists in the 'identify' function of the internal/dcrawcommon.cpp file in LibRaw versions prior to 0.18.12. A remote attacker can exploit this...
Heap overflow
An error within the "rolleiloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash...
Integer overflow
An integer overflow error within the "parseqt" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file...
Heap overflow
An error related to the "LibRaw::panasonicloadraw" function dcrawcommon.cpp in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image...
CVE-2018-5808
CVE-2018-5808 affects LibRaw prior to version 0.18.9, where an issue in the find_green() function (internal/dcraw_common.cpp) can cause a stack-based buffer overflow and potentially allow arbitrary code execution. Public material in connected documents confirms LibRaw as the affected component an...
CVE-2018-5816
An integer overflow error within the "identify" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.12 can be exploited to trigger a division by zero via specially crafted NOKIARAW file Note: This vulnerability is caused due to an incomplete fix of CVE-2018-5804...
CVE-2018-5806
An error within the "leafhdrloadraw" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference...
CVE-2018-5810
A heap-based buffer overflow has been discovered in LibRaw, in the way rolleiloadraw function in internal/dcrawcommon.cpp file handles the input image. An attacker could trigger the flaw by providing a specially crafted Rollei RAW Image, which could result in a crash or other unspecified effects...