CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-5804 – LibRaw Denial of Service
https://notcve.org/view.php?id=CVE-2018-5804
14 Mar 2018 — A type confusion error within the "identify()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a division by zero. Un error de confusión de tipos en la función "identify()" (internal/dcraw_common.cpp) en LibRaw, en versiones anteriores a la 0.18.8, puede explotarse para desencadenar una división entre cero. Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial of Service). An i... • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt • CWE-369: Divide By Zero CWE-704: Incorrect Type Conversion or Cast •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-5805 – LibRaw: Stack-based buffer overflow in quicktake_100_load_raw() function in internal/dcraw_common.cpp
https://notcve.org/view.php?id=CVE-2018-5805
14 Mar 2018 — A boundary error within the "quicktake_100_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to cause a stack-based buffer overflow and subsequently cause a crash. Un error de límites en la función "quicktake_100_load_raw()" (internal/dcraw_common.cpp) en las versiones anteriores a la 0.18.8 de LibRaw puede explotarse para provocar un desbordamiento de búfer basado en pila y un cierre inesperado. LibRaw is vulnerable to stack-based buffer overflow in intern... • https://access.redhat.com/errata/RHSA-2018:3065 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2018-5806 – LibRaw: NULL pointer dereference in leaf_hdr_load_raw() function in internal/dcraw_common.cpp
https://notcve.org/view.php?id=CVE-2018-5806
14 Mar 2018 — An error within the "leaf_hdr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.8 can be exploited to trigger a NULL pointer dereference. Un error en la función "leaf_hdr_load_raw()" (internal/dcraw_common.cpp) en LibRaw, en versiones anteriores a la 0.18.8, puede explotarse para desencadenar una desreferencia de puntero NULL. A NULL pointer dereference vulnerability in internal/dcraw_common.cpp:leaf_hdr_load_raw() function was found in LibRaw. A user can cause a denial of se... • https://access.redhat.com/errata/RHSA-2018:3065 • CWE-476: NULL Pointer Dereference •
CVSS: 6.5EPSS: 2%CPEs: 8EXPL: 0CVE-2018-5800 – LibRaw: Heap-based buffer overflow in LibRaw::kodak_ycbcr_load_raw function in internal/dcraw_common.cpp
https://notcve.org/view.php?id=CVE-2018-5800
30 Jan 2018 — An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash. Un error por un paso relacionado con la función "LibRaw::kodak_ycbcr_load_raw()" (internal/dcraw_common.cpp) en las versiones anteriores a la 0.18.7 de LibRaw puede explotarse para provocar un desbordamiento de búfer basado en memoria dinámica (heap) y un cierre inesperado. A heap-based o... • http://www.securityfocus.com/bid/104663 • CWE-122: Heap-based Buffer Overflow CWE-193: Off-by-one Error CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2018-5801 – LibRaw: NULL pointer dereference in LibRaw::unpack function src/libraw_cxx.cpp
https://notcve.org/view.php?id=CVE-2018-5801
30 Jan 2018 — An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference. Un error en la función "LibRaw::unpack()" (src/libraw_cxx.cpp) en LibRaw, en versiones anteriores a la 0.18.7, puede explotarse para desencadenar una desreferencia de puntero NULL. A NULL pointer dereference flaw was found in the way LibRaw processed images. An attacker could potentially use this flaw to crash applications using LibRaw by tricking th... • https://access.redhat.com/errata/RHSA-2018:3065 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-5802 – LibRaw: Out-of-bounds read in kodak_radc_load_raw function internal/dcraw_common.cpp
https://notcve.org/view.php?id=CVE-2018-5802
30 Jan 2018 — An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. Un error en la función "kodak_radc_load_raw()" (internal/dcraw_common.cpp) relacionada con la variable "buf" en LibRaw en versiones anteriores a la 0.18.7 se puede explotar para provocar un acceso de lectura a la memoria fuera de límites y un cierre inesperado. An out-of-... • https://access.redhat.com/errata/RHSA-2018:3065 • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2017-16909 – Ubuntu Security Notice USN-3615-1
https://notcve.org/view.php?id=CVE-2017-16909
12 Dec 2017 — An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image. Un error relacionado con la función "LibRaw::panasonic_load_raw()" (dcraw_common.cpp) en las versiones anteriores a la 0.18.6 de LibRaw puede explotarse para provocar un desbordamiento de búfer basado en memoria dinámica (heap) y un cierre inesperado mediante una imagen T... • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-16910 – Ubuntu Security Notice USN-3615-1
https://notcve.org/view.php?id=CVE-2017-16910
12 Dec 2017 — An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition. Un error en la función "LibRaw::xtrans_interpolate()" (internal/dcraw_common.cpp) en LibRaw en versiones anteriores a la 0.18.6 se puede explotar para provocar un acceso de lectura a la memoria inválido y una condición de denegación de servicio (DoS). It was discovered that LibRaw inc... • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt • CWE-125: Out-of-bounds Read •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14608 – Ubuntu Security Notice USN-3492-1
https://notcve.org/view.php?id=CVE-2017-14608
20 Sep 2017 — In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash. En LibRaw hasta la versión 0.18.4, un error de lectura fuera de límites relacionado con kodak_65000_load_raw se ha detectado en dcraw/dcraw.c e internal/dcraw_common.cpp. Un atacante podría explotar esta vulnerabilidad para divulgar memoria pot... • https://github.com/LibRaw/LibRaw/commit/d13e8f6d1e987b7491182040a188c16a395f1d21 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-14348 – Ubuntu Security Notice USN-3492-1
https://notcve.org/view.php?id=CVE-2017-14348
12 Sep 2017 — LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file. LibRaw en versiones anteriores a la 0.18.4 tiene un desbordamiento de búfer basado en memoria dinámica (heap) en la función processCanonCameraInfo mediante un archivo manipulado. It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw t... • http://www.securityfocus.com/bid/100866 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •