There is an integer overflow vulnerability in dcraw. When the victim runs dcraw with a maliciously crafted X3F input image, arbitrary code may be executed in the victim's system.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dcraw project dcraw 9.28-2 |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
debian debian linux 11.0 |