Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-2126HistoryAug 14, 2013 - 3:55 p.m.
CVE-2013-2126
2013-08-1415:55:06
Debian Security Bug Tracker
security-tracker.debian.org
16
libraw
double free
vulnerabilities
denial of service
arbitrary code
foveon
sraw
image file
application crash
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.019
Percentile
88.9%
Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | darktable | < 1.2.1-2 | darktable_1.2.1-2_all.deb |
| Debian | 11 | all | darktable | < 1.2.1-2 | darktable_1.2.1-2_all.deb |
| Debian | 999 | all | darktable | < 1.2.1-2 | darktable_1.2.1-2_all.deb |
| Debian | 13 | all | darktable | < 1.2.1-2 | darktable_1.2.1-2_all.deb |
| Debian | 12 | all | libraw | < 0.15.3-1 | libraw_0.15.3-1_all.deb |
| Debian | 11 | all | libraw | < 0.15.3-1 | libraw_0.15.3-1_all.deb |
| Debian | 999 | all | libraw | < 0.15.3-1 | libraw_0.15.3-1_all.deb |
| Debian | 13 | all | libraw | < 0.15.3-1 | libraw_0.15.3-1_all.deb |
Related
openvas
openvas
Fedora Update for gwenview FEDORA-2013-13112
2013-08-01 00:00:00
Fedora Update for parley FEDORA-2013-13112
2013-08-01 00:00:00
Fedora Update for kdeedu FEDORA-2013-13112
2013-08-01 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: ark-4.10.5-1.fc18
2013-07-24 03:33:56
[SECURITY] Fedora 18 Update: kamera-4.10.5-1.fc18
2013-07-24 03:33:58
[SECURITY] Fedora 18 Update: jovie-4.10.5-1.fc18
2013-07-24 03:33:57
securityvulns
securityvulns
libRaw / libKDcraw memory corruption
2013-07-01 00:00:00
prion
prion
Double free
2013-08-14 15:55:00
mageia
mageia
Updated libkdcraw package fixes security issue.
2013-07-21 12:44:17
nessus
nessus
openSUSE Security Update : darktable (openSUSE-SU-2013:1083-1)
2014-06-13 00:00:00
Ubuntu 12.04 LTS / 12.10 / 13.04 : libraw vulnerability (USN-1884-1)
2013-06-19 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
0.019
Percentile
88.9%
Related for DEBIANCVE:CVE-2013-2126