First published: Mon Nov 26 2018(Updated: )
A floating point exception in kodak_radc_load_raw in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Dcraw Project Dcraw | <=9.28 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2018-19568.
The severity level of CVE-2018-19568 is medium.
The affected software is Dcraw Project Dcraw version up to and including 9.28.
An attacker could use this vulnerability to crash an application that bundles the dcraw code by supplying malicious files.
You can find more information about CVE-2018-19568 at the following links: [https://seclists.org/oss-sec/2018/q4/165](https://seclists.org/oss-sec/2018/q4/165) and [https://seclists.org/oss-sec/2018/q4/171](https://seclists.org/oss-sec/2018/q4/171)