CVE-2018-19655
HIGH8.8EPSS 0.69%發布日:2018/11/29修改日:2026/4/28
也稱為:DEBIAN-CVE-2018-19655
描述
A stack-based buffer overflow in the find_green() function of dcraw through 9.28, as used in ufraw-batch and many other products, may allow a remote attacker to cause a control-flow hijack, denial-of-service, or unspecified other impact via a maliciously crafted raw photo file.
受影響套件(1)
- Debian/dcrawfrom 0, < 9.28-2
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.8 | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |