CVE-2015-8367

CVE-2015-8367

EPSS 5.5%

The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbitrary code, related to memory object initialization.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

http://packetstormsecurity.com/files/134573/LibRaw-0.17-Overflow.html http://seclists.org/fulldisclosure/2015/Nov/108 http://www.libraw.org/news/libraw-0-17-1