Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw prior to 0.15.2 allow context-dependent malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
libraw libraw 0.15.0 |
||
libraw libraw |
||
opensuse opensuse 12.3 |
||
canonical ubuntu linux 12.10 |
||
opensuse opensuse 12.2 |
||
canonical ubuntu linux 13.04 |
||
canonical ubuntu linux 12.04 |