Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2018-19566

Опубликовано: 26 нояб. 2018
Источник: debian

Описание

A heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
dcrawunfixedpackage

Примечания

  • https://www.openwall.com/lists/oss-security/2018/11/23/1

  • No security impact, crash in CLI tool

Связанные уязвимости

ubuntu логотип

CVE-2018-19566

CVSS3: 7.1
ubuntu
около 7 лет назад

A heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.

redhat логотип

CVE-2018-19566

CVSS3: 4.4
redhat
около 7 лет назад

A heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.

nvd логотип

CVE-2018-19566

CVSS3: 7.1
nvd
около 7 лет назад

A heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.

github логотип

GHSA-qchv-v695-4m9x

CVSS3: 7.1
github
больше 3 лет назад

A heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.

suse-cvrf логотип

SUSE-SU-2022:1749-1

suse-cvrf
больше 3 лет назад

Security update for dcraw