Lucene search
Ubuntu.comUB:CVE-2013-1438HistoryAug 30, 2013 - 12:00 a.m.
CVE-2013-1438
2013-08-3000:00:00
ubuntu.com
ubuntu.com
10
0.001 Low
EPSS
Percentile
46.5%
Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw,
ufraw, shotwell, and other products, allows context-dependent attackers to
cause a denial of service via a crafted photo file that triggers a (1)
divide-by-zero, (2) infinite loop, or (3) NULL pointer dereference.
Bugs
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721235>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721239 (libkdcraw)>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721232>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721233>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721234>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721231 (libraw)>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721237>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721236>
- <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721238>
Notes
| Author | Note |
|---|---|
| jdstrand | upstream says to use 0.14-stable branch from github repo |
| sbeattie | darktable as of 2.0.0 does not have embedded LibRaw anymore |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | dcraw | < any | UNKNOWN |
| ubuntu | 16.04 | noarch | dcraw | < any | UNKNOWN |
| ubuntu | 12.04 | noarch | libkdcraw | < 4:4.8.5-0ubuntu0.3 | UNKNOWN |
| ubuntu | 17.10 | noarch | libraw | < 0.15.3-1ubuntu1 | UNKNOWN |
| ubuntu | 18.04 | noarch | libraw | < 0.15.3-1ubuntu1 | UNKNOWN |
| ubuntu | 18.10 | noarch | libraw | < 0.15.3-1ubuntu1 | UNKNOWN |
| ubuntu | 19.04 | noarch | libraw | < 0.15.3-1ubuntu1 | UNKNOWN |
| ubuntu | 19.10 | noarch | libraw | < 0.15.3-1ubuntu1 | UNKNOWN |
| ubuntu | 20.04 | noarch | libraw | < 0.15.3-1ubuntu1 | UNKNOWN |
| ubuntu | 20.10 | noarch | libraw | < 0.15.3-1ubuntu1 | UNKNOWN |
Related
mageia
mageia
Updated xbmc package fixes a security vulnerability
2014-02-16 16:54:48
Updated rawtherapee package fixes security vulnerability
2014-02-17 04:25:25
Updated dcraw and ufraw package fix security vulnerability
2014-01-17 04:24:49
securityvulns
securityvulns
[SECURITY] [DSA 2748-1] exactimage security update
2013-09-09 00:00:00
exactimage DoS
2013-09-09 00:00:00
libraw / libKDCraw DoS
2013-10-01 00:00:00
nessus
nessus
Debian DSA-2748-1 : exactimage - denial of service
2013-09-02 00:00:00
Mandriva Linux Security Advisory : rawtherapee (MDVSA-2014:098)
2014-05-19 00:00:00
Fedora 20 : dcraw-9.19-4.fc20 (2013-22854)
2013-12-18 00:00:00
veracode
veracode
Denial Of Service (DoS)
2022-11-09 08:37:09
cvelist
cvelist
CVE-2013-1438
2014-01-19 16:00:00
osv
osv
exactimage - denial of service
2013-09-10 00:00:00
exactimage - denial of service
2013-09-01 00:00:00
cve
cve
CVE-2013-1438
2014-01-19 18:02:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0081)
2022-01-28 00:00:00
Debian Security Advisory DSA 2748-1 (exactimage - denial of service)
2013-09-01 00:00:00
Mageia: Security Advisory (MGASA-2014-0011)
2022-01-28 00:00:00
debiancve
debiancve
CVE-2013-1438
2014-01-19 18:02:00
prion
prion
Null pointer dereference
2014-01-19 18:02:00
debian
debian
[SECURITY] [DSA 2748-1] exactimage security update
2013-09-01 10:23:02
[SECURITY] [DSA 2754-1] exactimage security update
2013-09-10 22:29:12
fedora
fedora
[SECURITY] Fedora 19 Update: LibRaw-0.14.8-3.fc19.20120830git98d925
2013-09-09 23:50:03
[SECURITY] Fedora 20 Update: dcraw-9.25.0-2.fc20
2015-06-06 00:07:51
[SECURITY] Fedora 20 Update: ufraw-0.21-1.fc20
2015-06-05 23:50:30
ubuntu
ubuntu
libKDcraw vulnerabilities
2013-09-30 00:00:00
LibRaw vulnerabilities
2013-09-23 00:00:00
gentoo
gentoo
LibRaw, libkdcraw: Multiple vulnerabilities
2013-09-15 00:00:00