Lucene search
Veracode Vulnerability DatabaseVERACODE:7079HistoryJul 17, 2018 - 8:52 a.m.
Out-of-Bounds Read
2018-07-1708:52:59
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
EPSS
0.007
Percentile
80.7%
libraw.so is vulnerable to out-of-bound reads. A malicious user can pass a file to the kodak_radc_load_raw() function in dcraw_common.cpp to cause an out-of-bounds read that can crash the application.
References
access.redhat.com/errata/RHSA-2018:3065
bugzilla.redhat.com/show_bug.cgi?id=1553335
github.com/LibRaw/LibRaw/blob/master/Changelog.txt
github.com/LibRaw/LibRaw/commit/8682ad204392b91
github.com/LibRaw/LibRaw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4
lists.debian.org/debian-lts-announce/2019/03/msg00036.html
secuniaresearch.flexerasoftware.com/advisories/79000/
secuniaresearch.flexerasoftware.com/secunia_research/2018-1/
usn.ubuntu.com/3615-1/
Related
redhatcve
redhatcve
CVE-2018-5802
2020-04-05 10:59:51
cvelist
cvelist
CVE-2018-5802
2018-12-07 22:00:00
cve
cve
CVE-2018-5802
2018-12-07 22:29:00
prion
prion
Out-of-bounds
2018-12-07 22:29:00
ubuntucve
ubuntucve
CVE-2018-5802
2018-03-12 00:00:00
osv
osv
CVE-2018-5802
2018-12-07 22:29:00
libraw - security update
2019-03-28 00:00:00
libraw - security update
2022-01-29 00:00:00
nvd
nvd
CVE-2018-5802
2018-12-07 22:29:00
debiancve
debiancve
CVE-2018-5802
2018-12-07 22:29:00
zdt
zdt
LibRaw 0.18.7 Denial Of Service Vulnerability
2018-02-01 00:00:00
nessus
nessus
openSUSE Security Update : libraw (openSUSE-2018-281)
2018-03-19 00:00:00
FreeBSD : libraw -- multiple DoS vulnerabilities (6f0b0cbf-1274-11e8-8b5b-4ccc6adda413)
2018-02-16 00:00:00
Scientific Linux Security Update : libkdcraw on SL7.x x86_64 (20181030)
2018-11-27 00:00:00
redhat
redhat
(RHSA-2018:3065) Moderate: libkdcraw security update
2018-10-30 04:15:19
centos
centos
libkdcraw security update
2018-11-15 18:48:45
ubuntu
ubuntu
LibRaw vulnerabilities
2018-04-03 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3615-1)
2018-04-04 00:00:00
Debian: Security Advisory (DLA-1734-1)
2019-04-02 00:00:00
Debian: Security Advisory (DLA-2903-1)
2022-01-30 00:00:00
freebsd
freebsd
libraw -- multiple DoS vulnerabilities
2018-01-16 00:00:00
oraclelinux
oraclelinux
libkdcraw security update
2018-11-05 00:00:00
debian
debian
[SECURITY] [DLA 1734-1] libraw security update
2019-03-28 21:22:30
[SECURITY] [DLA 2903-1] libraw security update
2022-01-29 13:18:14