← voltar
CVE-2013-2126

CVE-2013-2126

EPSS 4.4%
Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://lists.opensuse.org/opensuse-updates/2013-06/msg00193.htmlhttp://lists.opensuse.org/opensuse-updates/2013-06/msg00195.htmlhttp://secunia.com/advisories/53547http://secunia.com/advisories/53883http://secunia.com/advisories/53888http://secunia.com/advisories/53938https://github.com/LibRaw/LibRaw/commit/19ffddb0fe1a4ffdb459b797ffcf7f490d28b5a6http://www.libraw.org/news/libraw-0-15-2http://www.openwall.com/lists/oss-security/2013/05/29/7http://www.openwall.com/lists/oss-security/2013/06/10/1http://www.ubuntu.com/usn/USN-1884-1http://www.ubuntu.com/usn/USN-1885-1