CVE-2013-1438

EPSS 0.51%

exactimage - denial of service

發布日:2014/1/19修改日:2026/4/28

也稱為:DEBIAN-CVE-2013-1438

描述

Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a denial of service via a crafted photo file that triggers a (1) divide-by-zero, (2) infinite loop, or (3) NULL pointer dereference.

受影響套件(6)

Debian/darktablefrom 0, < 1.2.2-2
Debian/dcrawfrom 0, < 9.28-1
Debian/exactimagefrom 0, < 0.8.9-1
Debian/exactimagefrom 0, < 0.8.1-3+deb6u2
Debian/libkdcrawfrom 0, < 24.12.0-1
Debian/librawfrom 0, < 0.15.4-1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2013-1438