Published: 29/08/2017 Updated: 30/08/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

It exists that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code

Vulnerable Product	Search on Vulmon	Subscribe to Product
libraw libraw 0.18.2

Debian Bug report logs - #874729 CVE-2017-13735: libraw: floating point exception in the kodak_radc_load_raw function in dcraw_commoncpp Package: src:libraw; Maintainer for src:libraw is Debian PhotoTools Maintainers <pkg-phototools-devel@listsaliothdebianorg>; Reported by: "Henri S" <henri@nervfi> Date: Sat, 9 ...

LibRaw could be made to crash or run programs as your login if it opened a specially crafted file ...

There is a floating point exception in the kodak_radc_load_raw function in dcraw_commoncpp in LibRaw 0182 It will lead to a remote denial of service attack ...

There is a floating point exception in the kodak_radc_load_raw function in dcraw_commoncpp in LibRaw 0182 leading to denial of service ...

CWE-20 https://bugzilla.redhat.com/show_bug.cgi?id=1483988 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874729 https://usn.ubuntu.com/3492-1/https://nvd.nist.gov

CVE-2017-13735

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect