[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256040

 
 

909

 
 

199103

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-1439Date: (C)2015-12-16   (M)2023-12-22


The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted photo file.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
DSA-2748
http://www.openwall.com/lists/oss-security/2013/08/29/3
https://github.com/LibRaw/LibRaw/commit/11909cc59e712e09b508dda729b99aeaac2b29ad

CPE    21
cpe:/a:libraw:libraw:0.13.8
cpe:/a:libraw:libraw:0.14.7
cpe:/a:libraw:libraw:0.14.4
cpe:/a:libraw:libraw:0.13.5
...
OVAL    10
oval:org.secpod.oval:def:106188
oval:org.secpod.oval:def:106261
oval:org.secpod.oval:def:106306
oval:org.secpod.oval:def:106197
...

© SecPod Technologies