4.3
CVE-2013-1438
- EPSS 2.06%
- Veröffentlicht 19.01.2014 18:02:56
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle security@debian.org
- CVE-Watchlists
- Unerledigt
LoginUnspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a denial of service via a crafted photo file that triggers a (1) divide-by-zero, (2) infinite loop, or (3) NULL pointer dereference.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dave Coffin ≫ Dcraw Version0.8.0
Dave Coffin ≫ Dcraw Version0.8.1
Dave Coffin ≫ Dcraw Version0.8.2
Dave Coffin ≫ Dcraw Version0.8.3
Dave Coffin ≫ Dcraw Version0.8.4
Dave Coffin ≫ Dcraw Version0.8.5
Dave Coffin ≫ Dcraw Version0.8.6
Dave Coffin ≫ Dcraw Version0.8.7
Dave Coffin ≫ Dcraw Version0.8.8
Dave Coffin ≫ Dcraw Version0.8.9
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.06% | 0.788 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
http://www.debian.org/security/2013/dsa-2748
http://www.openwall.com/lists/oss-security/2013/08/29/3
http://www.securityfocus.com/bid/62060