UBUNTU-CVE-2018-10528

An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in librawcxx.cpp...

UBUNTU-CVE-2018-10529

An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in librawx3f.cpp and librawcxx.cpp...

CVE-2018-10529

An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in librawx3f.cpp and librawcxx.cpp...

imagemagick/encoder_dng_fuzzer: Use-of-uninitialized-value in LibRaw::panasonic_load_raw

Detailed report: https://oss-fuzz.com/testcase?key=5147834853621760 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderdngfuzzer Fuzz target binary: encoderdngfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...

imagemagick/ping_jng_fuzzer: Use-of-uninitialized-value in LibRaw::canon_has_lowbits

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=4875697035149312 Project: imagemagick Fuzzer: libFuzzerimagemagickpingjngfuzzer Fuzz target binary: pingjngfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

imagemagick/crop_fuzzer: Strcpy-param-overlap in LibRaw::identify

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=6194991601811456 Project: imagemagick Fuzzer: libFuzzerimagemagickcropfuzzer Fuzz target binary: cropfuzzer Job Type: libfuzzerasanimagemagick Platform Id: linux Crash Type:...

imagemagick/encoder_dng_fuzzer: Index-out-of-bounds in LibRaw::scale_colors_loop

Detailed report: https://oss-fuzz.com/testcase?key=5119570110054400 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderdngfuzzer Fuzz target binary: encoderdngfuzzer Job Type: libfuzzerubsanimagemagick Platform Id: linux Crash Type: Index-out-of-bounds Crash Address: Crash State:...

imagemagick/encoder_dng_fuzzer: Stack-buffer-overflow in LibRaw::kodak_radc_load_raw

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5965403386806272 Project: imagemagick Fuzzer: aflimagemagickencoderdngfuzzer Fuzz target binary: encoderdngfuzzer Job Type: aflasanimagemagick Platform Id: linux Crash Type:...

imagemagick/encoder_dng_fuzzer: Index-out-of-bounds in LibRaw::parse_tiff_ifd

Detailed report: https://oss-fuzz.com/testcase?key=5204103790592000 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderdngfuzzer Fuzz target binary: encoderdngfuzzer Job Type: libfuzzerubsanimagemagick Platform Id: linux Crash Type: Index-out-of-bounds Crash Address: Crash State:...

imagemagick/enhance_fuzzer: Index-out-of-bounds in LibRaw::adobe_coeff

Detailed report: https://oss-fuzz.com/testcase?key=5782493010591744 Project: imagemagick Fuzzer: libFuzzerimagemagickenhancefuzzer Fuzz target binary: enhancefuzzer Job Type: libfuzzerubsanimagemagick Platform Id: linux Crash Type: Index-out-of-bounds Crash Address: Crash State: LibRaw::adobecoef...

imagemagick/encoder_dng_fuzzer: Use-of-uninitialized-value in LibRaw::copy_bayer

Detailed report: https://oss-fuzz.com/testcase?key=5941752545411072 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderdngfuzzer Fuzz target binary: encoderdngfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...

imagemagick/encoder_dng_fuzzer: Use-of-uninitialized-value in LibRaw::parse_tiff_ifd

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=6488155063582720 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderdngfuzzer Fuzz target binary: encoderdngfuzzer Job Type: libfuzzermsanimagemagick Platform Id: linux Crash Type:...

imagemagick/rotate_fuzzer: Stack-buffer-overflow in LibRaw::identify

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5723382935977984 Project: imagemagick Fuzzer: aflimagemagickrotatefuzzer Fuzz target binary: rotatefuzzer Job Type: aflasanimagemagick Platform Id: linux Crash Type: Stack-buffer-overflow RE...

imagemagick/rotate_fuzzer: Index-out-of-bounds in LibRaw::pana_bits

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5404692520632320 Project: imagemagick Fuzzer: libFuzzerimagemagickrotatefuzzer Fuzz target binary: rotatefuzzer Job Type: libfuzzerubsanimagemagick Platform Id: linux Crash Type:...

imagemagick/encoder_dng_fuzzer: Index-out-of-bounds in LibRaw::scale_colors_loop

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5134521042206720 Project: imagemagick Fuzzer: libFuzzerimagemagickencoderdngfuzzer Fuzz target binary: encoderdngfuzzer Job Type: libfuzzerubsanimagemagick Platform Id: linux Crash Type:...

imagemagick/crop_fuzzer: Index-out-of-bounds in LibRaw::linear_table

Project: https://github.com/imagemagick/imagemagick.git Detailed report: https://oss-fuzz.com/testcase?key=5676335327346688 Project: imagemagick Fuzzer: libFuzzerimagemagickcropfuzzer Fuzz target binary: cropfuzzer Job Type: libfuzzerubsanimagemagick Platform Id: linux Crash Type:...

Ubuntu 14.04 LTS / 16.04 LTS : LibRaw vulnerabilities (USN-3615-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3615-1 advisory. It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted...

Ubuntu: Security Advisory (USN-3615-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3615-1: LibRaw vulnerabilities

It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-3615-1 libraw vulnerabilities

It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code...