CVE-2013-1438

EPSS 0.51%

exactimage - denial of service

Published: 1/19/2014Modified: 4/28/2026

Also known as:DEBIAN-CVE-2013-1438

Description

Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a denial of service via a crafted photo file that triggers a (1) divide-by-zero, (2) infinite loop, or (3) NULL pointer dereference.

Affected packages (6)

Debian/darktablefrom 0, < 1.2.2-2
Debian/dcrawfrom 0, < 9.28-1
Debian/exactimagefrom 0, < 0.8.9-1
Debian/exactimagefrom 0, < 0.8.1-3+deb6u2
Debian/libkdcrawfrom 0, < 24.12.0-1
Debian/librawfrom 0, < 0.15.4-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-1438