2019-02-20 19:29:00 2019-05-21 18:29:01

A type confusion error within the "unpacked_load_raw()" function within LibRaw versions prior to 0.19.1 (internal/dcraw_common.cpp) can be exploited to trigger an infinite loop.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL
Libraw Libraw 0.19.0 Beta3 (not an official CPE) Libraw Libraw 0.19.0 Beta2 (not an official CPE) Libraw Libraw 0.19.0 Beta1 (not an official CPE) Libraw Libraw 0.19.0 - (not an official CPE) Libraw Libraw 0.18.13 (not an official CPE) Libraw Libraw 0.18.12 (not an official CPE) Libraw Libraw 0.18.11 (not an official CPE) Libraw Libraw 0.18.10 (not an official CPE) Libraw Libraw 0.18.9 (not an official CPE) Libraw Libraw 0.18.8 (not an official CPE) Libraw Libraw 0.18.7 (not an official CPE) Libraw Libraw 0.18.6 (not an official CPE) Libraw Libraw 0.18.5 (not an official CPE) Libraw Libraw 0.18.3 (not an official CPE) Libraw Libraw 0.18.4 (not an official CPE) Libraw Libraw 0.18.2 (not an official CPE) Libraw Libraw 0.18.1 (not an official CPE) Libraw Libraw 0.18.0 (not an official CPE) Libraw Libraw 0.17.2 (not an official CPE) Libraw Libraw 0.17.1 (not an official CPE) Libraw Libraw 0.17.0 (not an official CPE) Libraw Libraw 0.16.2 (not an official CPE) LibRaw 0.16.1-alpha Libraw Libraw 0.16.1 (not an official CPE) Libraw Libraw 0.16.0 (not an official CPE) LibRaw 0.15.4 LibRaw 0.15.3 LibRaw 0.15.2 LibRaw 0.15.1 LibRaw 0.15.0 Libraw Libraw 0.14.8 (not an official CPE) LibRaw 0.14.7 LibRaw 0.14.6 LibRaw 0.14.5 LibRaw 0.14.4 LibRaw 0.14.3 LibRaw 0.14.2 LibRaw 0.14.1 LibRaw 0.14.0 LibRaw 0.13.8 LibRaw 0.13.7 LibRaw 0.13.6 LibRaw 0.13.5 LibRaw 0.13.4 LibRaw 0.13.3 LibRaw 0.13.2 LibRaw 0.13.1 LibRaw 0.13.0 Libraw Libraw 0.12.5 (not an official CPE) Libraw Libraw 0.12.4 (not an official CPE) Libraw Libraw 0.12.3 (not an official CPE) Libraw Libraw 0.12.2 (not an official CPE) Libraw Libraw 0.12.1 (not an official CPE) Libraw Libraw 0.12.0 (not an official CPE) Libraw Libraw 0.11.3 (not an official CPE) Libraw Libraw 0.11.2 (not an official CPE) Libraw Libraw 0.11.1 (not an official CPE) Libraw Libraw 0.19.0 Beta4 (not an official CPE) Libraw Libraw 0.19.0 Beta5 (not an official CPE) Libraw Libraw 0.19.0 Beta6 (not an official CPE)