← back
CVE-2018-5815

CVE-2018-5815

EPSS 2.2%
An integer overflow error within the "parse_qt()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file.
Affected products
n/a · LibRaw

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/LibRaw/LibRaw/blob/master/Changelog.txthttps://github.com/LibRaw/LibRaw/commit/1334647862b0c90b2e8cb2f668e66627d9517b17https://secuniaresearch.flexerasoftware.com/advisories/83507/https://secuniaresearch.flexerasoftware.com/secunia_research/2018-14/https://usn.ubuntu.com/3838-1/