CVE-2018-5817
https://notcve.org/view.php?id=CVE-2018-5817
A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop. Un error de confusión de tipos en la función "unpacked_load_raw()" en LibRaw, en versiones anteriores a la 0.19.1 (internal/dcraw_common.cpp), puede ser explotado para desencadenar un bucle infinito. • https://lists.debian.org/debian-lts-announce/2019/03/msg00036.html https://secuniaresearch.flexerasoftware.com/secunia_research/2018-27 https://usn.ubuntu.com/3989-1 https://www.libraw.org/news/libraw-0-19-2-release • CWE-704: Incorrect Type Conversion or Cast •
CVE-2018-5811
https://notcve.org/view.php?id=CVE-2018-5811
An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. Un error en la función "nikon_coolscan_load_raw()" (internal/dcraw_common.cpp) en LibRaw en versiones anteriores a la 0.18.9 se puede explotar para provocar un acceso de lectura a la memoria fuera de límites y un cierre inesperado. • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt https://github.com/LibRaw/LibRaw/commit/fd6330292501983ac75fe4162275794b18445bd9 https://secuniaresearch.flexerasoftware.com/advisories/81800 https://secuniaresearch.flexerasoftware.com/secunia_research/2018-10 https://usn.ubuntu.com/3838-1 • CWE-125: Out-of-bounds Read •
CVE-2018-5810
https://notcve.org/view.php?id=CVE-2018-5810
An error within the "rollei_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash. Un error en la función "rollei_load_raw()" (internal/dcraw_common.cpp) en las versiones anteriores a la 0.18.9 de LibRaw puede explotarse para provocar un desbordamiento de búfer basado en memoria dinámica (heap) y un cierre inesperado. • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt https://github.com/LibRaw/LibRaw/commit/fd6330292501983ac75fe4162275794b18445bd9 https://secuniaresearch.flexerasoftware.com/advisories/81800 https://secuniaresearch.flexerasoftware.com/secunia_research/2018-10 https://usn.ubuntu.com/3838-1 • CWE-787: Out-of-bounds Write •
CVE-2018-5808
https://notcve.org/view.php?id=CVE-2018-5808
An error within the "find_green()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code. Un error en la función "find_green()" (internal/dcraw_common.cpp) en las versiones anteriores a la 0.18.9 de LibRaw puede explotarse para provocar un desbordamiento de búfer basado en pila y la ejecución de código arbitrario. • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt https://github.com/LibRaw/LibRaw/commit/fd6330292501983ac75fe4162275794b18445bd9 https://lists.debian.org/debian-lts-announce/2019/03/msg00036.html https://secuniaresearch.flexerasoftware.com/advisories/81800 https://secuniaresearch.flexerasoftware.com/secunia_research/2018-9 • CWE-787: Out-of-bounds Write •
CVE-2018-5809
https://notcve.org/view.php?id=CVE-2018-5809
An error within the "LibRaw::parse_exif()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a stack-based buffer overflow and subsequently execute arbitrary code. Un error en la función "LibRaw::parse_exif()" (internal/dcraw_common.cpp) en las versiones anteriores a la 0.18.9 de LibRaw puede explotarse para provocar un desbordamiento de búfer basado en pila y la ejecución de código arbitrario. • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt https://github.com/LibRaw/LibRaw/commit/fd6330292501983ac75fe4162275794b18445bd9 https://secuniaresearch.flexerasoftware.com/advisories/81800 https://secuniaresearch.flexerasoftware.com/secunia_research/2018-9 • CWE-787: Out-of-bounds Write •