0day.today - Biggest Exploit Database in the World.
Things you should know about 0day.today:
Administration of this site uses the official contacts. Beware of impostors!
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
LibRaw 0.18.7 Denial Of Service Vulnerability
Author
Risk
[
Security Risk Medium
]0day-ID
Category
Date add
CVE
Platform
LibRaw 0.18.7 Denial Of Service Vulnerability ====================================================================== 1) Affected Software * LibRaw versions prior to 0.18.7. ====================================================================== 2) Severity Rating: Moderately critical Impact: Denial of Service Where: From remote ====================================================================== 3) Description of Vulnerabilities Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) can be exploited to cause a heap- based buffer overflow and subsequently cause a crash. 2) An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) can be exploited to trigger a NULL pointer dereference. 3) An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. Successful exploitation of this vulnerability requires the library to be compiled with the "-O0" compilation flag. The vulnerabilities are confirmed in version 0.18.6 and reported in versions prior to 0.18.7. ====================================================================== 4) Solution Update to version 0.18.7. ====================================================================== 5) Time Table 2018/01/16 - Maintainer contacted with the vulnerability details. 2018/01/19 - Maintainer confirmed the vulnerabilities. 2018/01/19 - Maintainer released a fix. 2018/01/25 - Release of Secunia Advisory SA79000. 2018/01/29 - Public disclosure of Secunia Research Advisory. ====================================================================== 6) Credits Laurent Delosieres, Secunia Research at Flexera Software. ====================================================================== 7) References The Flexera Software CNA has assigned the CVE-2018-5800, CVE-2018-5801, and CVE-2018-5802 identifiers for the vulnerabilities through the Common Vulnerabilities and Exposures (CVE) project. # 0day.today [2024-12-24] #