4.3
CVE-2015-3885
- EPSS 3.56%
- Veröffentlicht 19.05.2015 18:59:07
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginInteger overflow in the ljpeg_start function in dcraw 7.00 and earlier allows remote attackers to cause a denial of service (crash) via a crafted image, which triggers a buffer overflow, related to the len variable.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dcraw Project ≫ Dcraw Version <= 7.00
Fedoraproject ≫ Fedora Version21
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.56% | 0.872 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|