Ubuntu 18.04 LTS / 20.04 LTS : LibRaw vulnerabilities (USN-5715-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5715-1 advisory. It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted...

Out-of-Bounds Read

libRaw is vulnerable to out-of-bounds reads. The vulnerability is within the newnode function of x3futilspatched.cpp which can be triggered via a crafted X3F file causing an application crash...

CVE-2020-35530

In LibRaw, there is an out-of-bounds write vulnerability within the "newnode" function libraw\src\x3f\x3futilspatched.cpp that can be triggered via a crafted X3F file...

CVE-2020-35530

In LibRaw, there is an out-of-bounds write vulnerability within the "newnode" function libraw\src\x3f\x3futilspatched.cpp that can be triggered via a crafted X3F file...

Out-of-bounds

In LibRaw, there is an out-of-bounds write vulnerability within the "newnode" function libraw\src\x3f\x3futilspatched.cpp that can be triggered via a crafted X3F file...

CVE-2020-35530

In LibRaw, there is an out-of-bounds write vulnerability within the "newnode" function libraw\src\x3f\x3futilspatched.cpp that can be triggered via a crafted X3F file...

CVE-2020-35530

In LibRaw, there is an out-of-bounds write vulnerability within the "newnode" function libraw\src\x3f\x3futilspatched.cpp that can be triggered via a crafted X3F file...

CVE-2020-35530

CVE-2020-35530 is a LibRaw vulnerability: an out-of-bounds write in the new_node() path (libraw/src/x3f_utils_patched.cpp) that can be triggered by a crafted X3F file. The issue is exploitable locally (AV:L, AC:L) with user interaction required, and the CVSS base score is 5.5 (Medium) with availa...

CVE-2020-35530

In LibRaw, there is an out-of-bounds write vulnerability within the "newnode" function libraw\src\x3f\x3futilspatched.cpp that can be triggered via a crafted X3F file...

CVE-2020-35530

In LibRaw, there is an out-of-bounds write vulnerability within the "newnode" function libraw\src\x3f\x3futilspatched.cpp that can be triggered via a crafted X3F file...

Microsoft Windows Raw Image Extension X3F File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Raw Image Extension. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...