Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2015-3885HistoryMay 19, 2015 - 6:59 p.m.
CVE-2015-3885
2015-05-1918:59:07
Debian Security Bug Tracker
security-tracker.debian.org
22
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
EPSS
0.048
Percentile
92.7%
Integer overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | darktable | < 1.6.7-1 | darktable_1.6.7-1_all.deb |
| Debian | 11 | all | darktable | < 1.6.7-1 | darktable_1.6.7-1_all.deb |
| Debian | 999 | all | darktable | < 1.6.7-1 | darktable_1.6.7-1_all.deb |
| Debian | 13 | all | darktable | < 1.6.7-1 | darktable_1.6.7-1_all.deb |
| Debian | 12 | all | dcraw | < 9.26-1 | dcraw_9.26-1_all.deb |
| Debian | 11 | all | dcraw | < 9.26-1 | dcraw_9.26-1_all.deb |
| Debian | 999 | all | dcraw | < 9.26-1 | dcraw_9.26-1_all.deb |
| Debian | 13 | all | dcraw | < 9.26-1 | dcraw_9.26-1_all.deb |
| Debian | 12 | all | exactimage | < 0.9.1-5 | exactimage_0.9.1-5_all.deb |
| Debian | 11 | all | exactimage | < 0.9.1-5 | exactimage_0.9.1-5_all.deb |
Related
openvas
openvas
Debian: Security Advisory (DLA-228-1)
2023-03-08 00:00:00
Mageia: Security Advisory (MGASA-2015-0222)
2022-01-28 00:00:00
Huawei EulerOS: Security Advisory for dcraw (EulerOS-SA-2019-2489)
2020-01-23 00:00:00
mageia
mageia
Updated ufraw & dcraw packages fix CVE-2015-3885
2015-05-13 20:18:54
Updated rawtherapee packages fix CVE-2015-3885
2015-05-13 20:18:54
Updated darktable packages fix CVE-2015-3885
2015-05-13 20:18:54
nessus
nessus
Fedora 22 : mingw-LibRaw-0.16.2-1.fc22 (2015-8444)
2015-05-27 00:00:00
Fedora 20 : LibRaw-0.15.4-2.fc20 (2015-8247)
2015-05-27 00:00:00
Fedora 22 : ufraw-0.21-1.fc22 (2015-8699)
2015-06-09 00:00:00
osv
osv
exactimage - security update
2015-05-28 00:00:00
libraw - security update
2015-06-10 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: ufraw-0.21-1.fc21
2015-06-05 23:43:52
[SECURITY] Fedora 21 Update: rawstudio-2.1-0.1.20150511git983bda1.fc21
2015-07-18 01:58:47
[SECURITY] Fedora 22 Update: ufraw-0.21-1.fc22
2015-06-05 23:59:05
freebsd
freebsd
dcraw -- integer overflow condition
2015-04-24 00:00:00
veracode
veracode
Buffer Overflow
2023-12-28 15:12:15
debian
debian
[SECURITY] [DLA 241-1] libraw security update
2015-06-10 12:10:03
[SECURITY] [DLA 228-1] exactimage security update
2015-05-28 07:13:44
[SECURITY] [DLA 243-1] libraw security update
2015-06-10 20:19:19
cve
cve
CVE-2015-3885
2015-05-19 18:59:07
nvd
nvd
CVE-2015-3885
2015-05-19 18:59:07
cvelist
cvelist
CVE-2015-3885
2015-05-19 18:00:00
ubuntucve
ubuntucve
CVE-2015-3885
2015-05-19 00:00:00
prion
prion
Integer overflow
2015-05-19 18:59:00
gentoo
gentoo
DCRaw: Buffer overflow
2017-01-23 00:00:00
Kodi: Multiple vulnerabilities
2017-06-20 00:00:00
LibRaw: Multiple vulnerabilities
2017-01-24 00:00:00
ubuntu
ubuntu
LibRaw vulnerabilities
2017-11-22 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
EPSS
0.048
Percentile
92.7%
Related for DEBIANCVE:CVE-2015-3885