CVE Vulnerabilities

CVE-2013-2126

Published: Aug 14, 2013 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
4.4 MODERATE
AV:L/AC:M/Au:N/C:P/I:P/A:P
RedHat/V3
Ubuntu
MEDIUM

Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file.

Affected Software

Name Vendor Start Version End Version
Libraw Libraw * 0.15.1 (including)
Libraw Libraw 0.15.0 (including) 0.15.0 (including)
Darktable Ubuntu precise *
Darktable Ubuntu quantal *
Darktable Ubuntu raring *
Darktable Ubuntu saucy *
Darktable Ubuntu upstream *
Darktable Ubuntu utopic *
Darktable Ubuntu vivid *
Darktable Ubuntu wily *
Libkdcraw Ubuntu devel *
Libkdcraw Ubuntu precise *
Libkdcraw Ubuntu quantal *
Libkdcraw Ubuntu raring *
Libkdcraw Ubuntu saucy *
Libkdcraw Ubuntu trusty *
Libkdcraw Ubuntu utopic *
Libkdcraw Ubuntu vivid *
Libkdcraw Ubuntu wily *
Libkdcraw Ubuntu xenial *
Libkdcraw Ubuntu yakkety *
Libkdcraw Ubuntu zesty *
Libraw Ubuntu devel *
Libraw Ubuntu precise *
Libraw Ubuntu quantal *
Libraw Ubuntu raring *
Libraw Ubuntu saucy *
Libraw Ubuntu trusty *
Libraw Ubuntu upstream *
Libraw Ubuntu utopic *
Libraw Ubuntu vivid *
Libraw Ubuntu wily *
Libraw Ubuntu xenial *
Libraw Ubuntu yakkety *
Libraw Ubuntu zesty *

References