Vulnerabilities
Misconfiguration
Runtime Security
Compliance
CVE Vulnerabilities

CVE-2013-2126

Published: Aug 14, 2013 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
4.4 MODERATE
AV:L/AC:M/Au:N/C:P/I:P/A:P
RedHat/V3
Ubuntu
MEDIUM
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2013-2126
CWEhttps://cwe.mitre.org/data/definitions/399.html

Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file.

Affected Software

Name Vendor Start Version End Version
Libraw Libraw * 0.15.1 (including)
Libraw Libraw 0.15.0 (including) 0.15.0 (including)
Darktable Ubuntu precise *
Darktable Ubuntu quantal *
Darktable Ubuntu raring *
Darktable Ubuntu saucy *
Darktable Ubuntu upstream *
Darktable Ubuntu utopic *
Darktable Ubuntu vivid *
Darktable Ubuntu wily *
Libkdcraw Ubuntu devel *
Libkdcraw Ubuntu precise *
Libkdcraw Ubuntu quantal *
Libkdcraw Ubuntu raring *
Libkdcraw Ubuntu saucy *
Libkdcraw Ubuntu trusty *
Libkdcraw Ubuntu utopic *
Libkdcraw Ubuntu vivid *
Libkdcraw Ubuntu wily *
Libkdcraw Ubuntu xenial *
Libkdcraw Ubuntu yakkety *
Libkdcraw Ubuntu zesty *
Libraw Ubuntu devel *
Libraw Ubuntu precise *
Libraw Ubuntu quantal *
Libraw Ubuntu raring *
Libraw Ubuntu saucy *
Libraw Ubuntu trusty *
Libraw Ubuntu upstream *
Libraw Ubuntu utopic *
Libraw Ubuntu vivid *
Libraw Ubuntu wily *
Libraw Ubuntu xenial *
Libraw Ubuntu yakkety *
Libraw Ubuntu zesty *

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2024 Aqua Security Software Ltd.   Privacy Policy | Terms of Use