CVE-2013-1438
Published Jan 19, 2014
Last updated 8 years ago
Overview
- Description
- Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a denial of service via a crafted photo file that triggers a (1) divide-by-zero, (2) infinite loop, or (3) NULL pointer dereference.
- Source
- security@debian.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:dave_coffin:dcraw:0.8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F5B8F8B-571F-4E99-8796-C1FB51F17B5E"
},
{
"criteria": "cpe:2.3:a:dave_coffin:dcraw:0.8.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E2E58321-D1BB-4F79-AAB2-9A6AF74DC7DD"
},
{
"criteria": "cpe:2.3:a:dave_coffin:dcraw:0.8.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9126BA52-8261-4AF6-B086-EDD1FEF76781"
},
{
"criteria": "cpe:2.3:a:dave_coffin:dcraw:0.8.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "935C59A2-3BF9-4BF9-914F-313944C29419"
},
{
"criteria": "cpe:2.3:a:dave_coffin:dcraw:0.8.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4E6B6F87-582A-4CA7-8FB6-1046FF5A7EF9"
},
{
"criteria": "cpe:2.3:a:dave_coffin:dcraw:0.8.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "98DD84BC-C49B-4591-848F-EE1331889A6F"
},
{
"criteria": "cpe:2.3:a:dave_coffin:dcraw:0.8.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "849AB4DD-7512-4513-BAFD-06A42900B4CD"
},
{
"criteria": "cpe:2.3:a:dave_coffin:dcraw:0.8.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "93AC4C73-3EE0-439E-821F-3FEA44189AC3"
},
{
"criteria": "cpe:2.3:a:dave_coffin:dcraw:0.8.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A921C503-7B44-421F-9AF0-0BD2BE05BA34"
},
{
"criteria": "cpe:2.3:a:dave_coffin:dcraw:0.8.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ACDC079C-306F-4A91-A892-9DD23CA03C5F"
}
],
"operator": "OR"
}
]
}
]