CVE-2017-6887

A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:libraw:libraw:*:*:*:*:*:*:*:*

Information

Published : 2017-05-16 09:29

Updated : 2017-11-03 18:29


NVD link : CVE-2017-6887

Mitre link : CVE-2017-6887


JSON object : View

CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Advertisement

dedicated server usa

Products Affected

libraw

  • libraw