Back to search
CVE-2013-2126
Published: Aug 14, 2013
Modified: Sep 17, 2024
PUBLISHED
Description
Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
53883
third-party-advisory
x_refsource_SECUNIA
53547
third-party-advisory
x_refsource_SECUNIA
USN-1884-1
vendor-advisory
x_refsource_UBUNTU
USN-1885-1
vendor-advisory
x_refsource_UBUNTU
http://www.libraw.org/news/libraw-0-15-2
x_refsource_CONFIRM
openSUSE-SU-2013:1085
vendor-advisory
x_refsource_SUSE
[oss-security] 20130529 Re: CVE request: libraw: multiple issues
mailing-list
x_refsource_MLIST
openSUSE-SU-2013:1083
vendor-advisory
x_refsource_SUSE
53938
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20130610 Re: CVE request: libraw: multiple issues
mailing-list
x_refsource_MLIST
53888
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now