Page 6 of 39 results (0.008 seconds)

CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2018-5800 – LibRaw: Heap-based buffer overflow in LibRaw::kodak_ycbcr_load_raw function in internal/dcraw_common.cpp

https://notcve.org/view.php?id=CVE-2018-5800

An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash. Un error por un paso relacionado con la función "LibRaw::kodak_ycbcr_load_raw()" (internal/dcraw_common.cpp) en las versiones anteriores a la 0.18.7 de LibRaw puede explotarse para provocar un desbordamiento de búfer basado en memoria dinámica (heap) y un cierre inesperado. A heap-based out-of-bounds access flaw was found in the way LibRaw processed images. An attacker could potentially use this flaw to crash applications using LibRaw by tricking them into processing crafted images. • http://www.securityfocus.com/bid/104663 https://access.redhat.com/errata/RHSA-2018:3065 https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt https://github.com/LibRaw/LibRaw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4 https://lists.debian.org/debian-lts-announce/2019/03/msg00036.html https://secuniaresearch.flexerasoftware.com/advisories/79000 https://secuniaresearch.flexerasoftware.com/secunia_research/2018-1 https://usn.ubuntu.com/3615-1 https://access.redhat.com/security/cve/CVE-2018-5800 • CWE-122: Heap-based Buffer Overflow CWE-193: Off-by-one Error CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

CVE-2017-16910

https://notcve.org/view.php?id=CVE-2017-16910

An error within the "LibRaw::xtrans_interpolate()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition. Un error en la función "LibRaw::xtrans_interpolate()" (internal/dcraw_common.cpp) en LibRaw en versiones anteriores a la 0.18.6 se puede explotar para provocar un acceso de lectura a la memoria inválido y una condición de denegación de servicio (DoS). • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt https://github.com/LibRaw/LibRaw/commit/5563e6ddc3f7cb93d98b491194ceebdee7288d36 https://secuniaresearch.flexerasoftware.com/advisories/76000 https://secuniaresearch.flexerasoftware.com/secunia_research/2017-19 https://usn.ubuntu.com/3615-1 • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0

CVE-2017-16909

https://notcve.org/view.php?id=CVE-2017-16909

An error related to the "LibRaw::panasonic_load_raw()" function (dcraw_common.cpp) in LibRaw versions prior to 0.18.6 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash via a specially crafted TIFF image. Un error relacionado con la función "LibRaw::panasonic_load_raw()" (dcraw_common.cpp) en las versiones anteriores a la 0.18.6 de LibRaw puede explotarse para provocar un desbordamiento de búfer basado en memoria dinámica (heap) y un cierre inesperado mediante una imagen TIFF especialmente manipulada. • https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt https://github.com/LibRaw/LibRaw/commit/f1394822a0152ceed77815eafa5cac4e8baab10a https://secuniaresearch.flexerasoftware.com/advisories/76000 https://secuniaresearch.flexerasoftware.com/secunia_research/2017-19 https://usn.ubuntu.com/3615-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-14608

https://notcve.org/view.php?id=CVE-2017-14608

In LibRaw through 0.18.4, an out of bounds read flaw related to kodak_65000_load_raw has been reported in dcraw/dcraw.c and internal/dcraw_common.cpp. An attacker could possibly exploit this flaw to disclose potentially sensitive memory or cause an application crash. En LibRaw hasta la versión 0.18.4, un error de lectura fuera de límites relacionado con kodak_65000_load_raw se ha detectado en dcraw/dcraw.c e internal/dcraw_common.cpp. Un atacante podría explotar esta vulnerabilidad para divulgar memoria potencialmente sensible o provocar el cierre inesperado de la aplicación. • https://github.com/LibRaw/LibRaw/commit/d13e8f6d1e987b7491182040a188c16a395f1d21 https://github.com/LibRaw/LibRaw/issues/101 • CWE-125: Out-of-bounds Read •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-14348

https://notcve.org/view.php?id=CVE-2017-14348

LibRaw before 0.18.4 has a heap-based Buffer Overflow in the processCanonCameraInfo function via a crafted file. LibRaw en versiones anteriores a la 0.18.4 tiene un desbordamiento de búfer basado en memoria dinámica (heap) en la función processCanonCameraInfo mediante un archivo manipulado. • http://www.securityfocus.com/bid/100866 https://github.com/LibRaw/LibRaw/issues/100 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •