Описание
Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.
A flaw was discovered in the way dcraw processed Raw images. An attacker could use this flaw to cause dcraw to crash by tricking a user into processing a specially crafted Raw image file.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | dcraw | Will not fix | ||
| Red Hat Enterprise Linux 5 | netpbm | Will not fix | ||
| Red Hat Enterprise Linux 6 | dcraw | Will not fix | ||
| Red Hat Enterprise Linux 6 | netpbm | Will not fix | ||
| Red Hat Enterprise Linux 7 | dcraw | Will not fix | ||
| Red Hat Enterprise Linux 7 | libkdcraw | Will not fix | ||
| Red Hat Enterprise Linux 7 | LibRaw | Will not fix | ||
| Red Hat Enterprise Linux 7 | netpbm | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.
Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.
Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier ...
Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.
EPSS
4.3 Medium
CVSS2