[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248364

 
 

909

 
 

195388

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-1438Date: (C)2014-01-21   (M)2023-12-22


Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a denial of service via a crafted photo file that triggers a (1) divide-by-zero, (2) infinite loop, or (3) NULL pointer dereference.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
BID-62060
DSA-2748
http://www.openwall.com/lists/oss-security/2013/08/29/3
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

CPE    10
cpe:/a:dave_coffin:dcraw:0.8.9
cpe:/a:dave_coffin:dcraw:0.8.8
cpe:/a:dave_coffin:dcraw:0.8.7
cpe:/a:dave_coffin:dcraw:0.8.6
...
OVAL    16
oval:org.secpod.oval:def:106188
oval:org.secpod.oval:def:106261
oval:org.secpod.oval:def:106306
oval:org.secpod.oval:def:106197
...

© SecPod Technologies