CVE-2018-5804

Related Files

LibRaw 0.18.11 Denial Of Service

Posted Jul 20, 2018

Authored by Kasper Leigh Haabb | Site secunia.com

Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial of Service). An integer overflow error within the "parse_qt()" function (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file. An integer overflow error within the "identify()" function (internal/dcraw_common.cpp) can be exploited to trigger a division by zero via specially crafted NOKIARAW file. The vulnerabilities are confirmed in version 0.18.11. Prior versions may also be affected.

tags | advisory, denial of service, overflow, vulnerability

systems | apple

advisories | CVE-2018-5804, CVE-2018-5815, CVE-2018-5816

SHA-256 | 4613e82ee83759da6d65852d98e41add198de465ce0b423e487854f90211db04

Download | Favorite | View

LibRaw Denial Of Service

Posted Mar 14, 2018

Authored by Laurent Delosieres | Site secunia.com

Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial of Service). LibRaw versions prior to 0.18.8 are affected.

tags | advisory, denial of service, vulnerability

advisories | CVE-2018-5804, CVE-2018-5805, CVE-2018-5806

SHA-256 | b5c03c6b07fb1998c8c86a816369959648583565dcf35f7ecdbee8c37dd0fc3c

Download | Favorite | View