7.5
CVE-2013-2126
- EPSS 4.41%
- Veröffentlicht 14.08.2013 15:55:06
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Canonical ≫ Ubuntu Linux Version12.04 Update- Editionlts
Canonical ≫ Ubuntu Linux Version12.10
Canonical ≫ Ubuntu Linux Version13.04
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.41% | 0.901 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://lists.opensuse.org/opensuse-updates/2013-06/msg00193.html
http://lists.opensuse.org/opensuse-updates/2013-06/msg00195.html
http://secunia.com/advisories/53547
http://secunia.com/advisories/53883
http://secunia.com/advisories/53888
http://secunia.com/advisories/53938
http://www.libraw.org/news/libraw-0-15-2
http://www.openwall.com/lists/oss-security/2013/05/29/7
http://www.openwall.com/lists/oss-security/2013/06/10/1
http://www.ubuntu.com/usn/USN-1884-1
http://www.ubuntu.com/usn/USN-1885-1
https://github.com/LibRaw/LibRaw/commit/19ffddb0fe1a4ffdb459b797ffcf7f490d28b5a6