PT-2023-35704 · Libraw · Libraw

Name of the Vulnerable Software and Affected Versions: LibRaw affected versions not specified Description: The issue is related to a crash in LibRaw, specifically in the LibRaw::sget4 function, which is called by LibRaw::parseAdobeRAFMakernote and LibRaw::parse tiff ifd. The crash type is reporte...

SUSE CVE-2017-6887

A boundary error within the "parsetiffifd" function internal/dcrawcommon.cpp in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs...

LibRaw Null Pointer Dereference Vulnerability

libraw is a C++ library for processing RAWCRW/CR2,NEF,RAF,DNG,andothers format images, supporting various operating systems. A code issue vulnerability exists in LibRaw version 20.0, which originates from a null pointer dereference cpp in parsetiffifd of src/metadata/tiff, which can be exploited ...

PT-2020-15850 · Libraw +1 · Libraw +1

Name of the Vulnerable Software and Affected Versions: libraw version 20.0 Description: The issue is related to a null pointer dereference vulnerability in the parse tiff ifd function located in src/metadata/tiff.cpp. This vulnerability may result in context-dependent arbitrary code execution, bu...

UBUNTU-CVE-2019-9641

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exifprocessIFDinTIFF...

dcraw floating point exception vulnerability (CNVD-2019-00790)

dcraw is a U.S. software developer David J. Coffin developed a set of open source for the camera to shoot the RAW film into PPM or TIFF format picture tool . A floating-point exception vulnerability exists in parsetiffifd in dcraw 9.28 and earlier versions, which can be exploited to cause an...

UBUNTU-CVE-2018-19566

A heap buffer over-read in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information...

Code injection

A floating point exception in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code...

UBUNTU-CVE-2018-19567

A floating point exception in parsetiffifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code...

DEBIAN-CVE-2017-6887

A boundary error within the "parsetiffifd" function internal/dcrawcommon.cpp in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs...

UBUNTU-CVE-2017-6887

A boundary error within the "parsetiffifd" function internal/dcrawcommon.cpp in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs...

UBUNTU-CVE-2017-6886

An error within the "parsetiffifd" function internal/dcrawcommon.cpp in LibRaw versions before 0.18.2 can be exploited to corrupt memory...

Internet Bug Bounty: Buffer over-read in exif_read_data with TIFF IFD tag

https://bugs.php.net/bug.php?id=70385...