Lucene search
Veracode Vulnerability DatabaseVERACODE:25279HistoryMay 10, 2020 - 11:23 p.m.
Arbitrary Code Execution
2020-05-1023:23:47
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
19
EPSS
0.002
Percentile
58.3%
libraw is vulnerable to arbitrary code execution. The vulnerability exists as a boundary error within the “parse_tiff_ifd()” function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to “DSLR-A100” and containing multiple sequences of 0x100 and 0x14A TAGs.
Related
osv
osv
CVE-2017-6887
2017-05-16 16:29:00
libraw - security update
2017-08-21 00:00:00
libraw - security update
2017-08-14 00:00:00
alpinelinux
alpinelinux
CVE-2017-6887
2017-05-16 16:29:00
redhatcve
redhatcve
CVE-2017-6887
2017-05-17 15:09:38
nvd
nvd
CVE-2017-6887
2017-05-16 16:29:00
prion
prion
Memory corruption
2017-05-16 16:29:00
debiancve
debiancve
CVE-2017-6887
2017-05-16 16:29:00
cvelist
cvelist
CVE-2017-6887
2017-05-16 15:00:00
cve
cve
CVE-2017-6887
2017-05-16 16:29:00
debian
debian
[SECURITY] [DLA 1057-1] libraw security update
2017-08-14 16:32:16
[SECURITY] [DSA 3950-1] libraw security update
2017-08-21 22:56:19
[SECURITY] [DSA 3950-1] libraw security update
2017-08-21 22:56:19
ubuntucve
ubuntucve
CVE-2017-6887
2017-05-16 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-3950-1)
2017-08-20 00:00:00
Debian: Security Advisory (DLA-1057-1)
2018-02-06 00:00:00
Fedora Update for mingw-LibRaw FEDORA-2017-bce18ed3f2
2017-08-04 00:00:00
nessus
nessus
Debian DLA-1057-1 : libraw security update
2017-08-15 00:00:00
Debian DSA-3950-1 : libraw - security update
2017-08-22 00:00:00
openSUSE Security Update : libraw (openSUSE-2017-640)
2017-06-01 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: mingw-LibRaw-0.18.2-2.fc26
2017-07-11 20:57:43
mageia
mageia
Updated libraw packages fix security vulnerabilities
2017-07-28 21:12:15
ubuntu
ubuntu
LibRaw vulnerabilities
2017-11-22 00:00:00