CVE-2013-1439 - Vulnerability Details

Vendors	Products
Libraw	Libraw

Link	Providers
http://www.debian.org/security/2013/dsa-2748
http://www.openwall.com/lists/oss-security/2013/08/29/3
https://github.com/LibRaw/LibRaw/commit/11909cc59e712e09b508dda729b99aeaac2b29ad
https://nvd.nist.gov/vuln/detail/CVE-2013-1439
https://www.cve.org/CVERecord?id=CVE-2013-1439

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-08-29T00:00:00", "descriptions": [{"lang": "en", "value": "The \"faster LJPEG decoder\" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted photo file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-11-15T10:00:00", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian"}, "references": [{"name": "DSA-2748", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2013/dsa-2748"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/LibRaw/LibRaw/commit/11909cc59e712e09b508dda729b99aeaac2b29ad"}, {"name": "[oss-security] 20130829 [notification] libraw: multiple denial of service vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2013/08/29/3"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@debian.org", "ID": "CVE-2013-1439", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The \"faster LJPEG decoder\" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted photo file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "DSA-2748", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2013/dsa-2748"}, {"name": "https://github.com/LibRaw/LibRaw/commit/11909cc59e712e09b508dda729b99aeaac2b29ad", "refsource": "CONFIRM", "url": "https://github.com/LibRaw/LibRaw/commit/11909cc59e712e09b508dda729b99aeaac2b29ad"}, {"name": "[oss-security] 20130829 [notification] libraw: multiple denial of service vulnerabilities", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2013/08/29/3"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T15:04:48.425Z"}, "title": "CVE Program Container", "references": [{"name": "DSA-2748", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2013/dsa-2748"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/LibRaw/LibRaw/commit/11909cc59e712e09b508dda729b99aeaac2b29ad"}, {"name": "[oss-security] 20130829 [notification] libraw: multiple denial of service vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2013/08/29/3"}]}]}, "cveMetadata": {"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2013-1439", "datePublished": "2013-09-16T19:00:00", "dateReserved": "2013-01-26T00:00:00", "dateUpdated": "2024-08-06T15:04:48.425Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2013-08-29T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted photo file. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2013-11-15T10:00:00 (string)

orgId : 79363d38-fa19-49d1-9214-5f28da3f3ac5 (string)

shortName : debian (string)

}

references : [ »

0 : { »

name : DSA-2748 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_DEBIAN (string)

]

url : http://www.debian.org/security/2013/dsa-2748 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://github.com/LibRaw/LibRaw/commit/11909cc59e712e09b508dda729b99aeaac2b29ad (string)

}

2 : { »

name : [oss-security] 20130829 [notification] libraw: multiple denial of service vulnerabilities (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

]

url : http://www.openwall.com/lists/oss-security/2013/08/29/3 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : security@debian.org (string)

ID : CVE-2013-1439 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted photo file. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : DSA-2748 (string)

refsource : DEBIAN (string)

url : http://www.debian.org/security/2013/dsa-2748 (string)

}

1 : { »

name : https://github.com/LibRaw/LibRaw/commit/11909cc59e712e09b508dda729b99aeaac2b29ad (string)

refsource : CONFIRM (string)

url : https://github.com/LibRaw/LibRaw/commit/11909cc59e712e09b508dda729b99aeaac2b29ad (string)

}

2 : { »

name : [oss-security] 20130829 [notification] libraw: multiple denial of service vulnerabilities (string)

refsource : MLIST (string)

url : http://www.openwall.com/lists/oss-security/2013/08/29/3 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T15:04:48.425Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : DSA-2748 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_DEBIAN (string)

2 : x_transferred (string)

]

url : http://www.debian.org/security/2013/dsa-2748 (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://github.com/LibRaw/LibRaw/commit/11909cc59e712e09b508dda729b99aeaac2b29ad (string)

}

2 : { »

name : [oss-security] 20130829 [notification] libraw: multiple denial of service vulnerabilities (string)

tags : [ »

0 : mailing-list (string)

1 : x_refsource_MLIST (string)

2 : x_transferred (string)

]

url : http://www.openwall.com/lists/oss-security/2013/08/29/3 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 79363d38-fa19-49d1-9214-5f28da3f3ac5 (string)

assignerShortName : debian (string)

cveId : CVE-2013-1439 (string)

datePublished : 2013-09-16T19:00:00 (string)

dateReserved : 2013-01-26T00:00:00 (string)

dateUpdated : 2024-08-06T15:04:48.425Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libraw:libraw:0.13.0:*:*:*:*:*:*:*", "matchCriteriaId": "41959708-2D95-472D-B845-40EC10C51ACE", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.13.1:*:*:*:*:*:*:*", "matchCriteriaId": "03492249-E4F2-4696-AE8A-7111E3834490", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.13.2:*:*:*:*:*:*:*", "matchCriteriaId": "8939A79E-5B9C-4389-9CEA-752899C4AAE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.13.3:*:*:*:*:*:*:*", "matchCriteriaId": "0B566274-96B5-4966-9ECA-F78DBB8F0DFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.13.4:*:*:*:*:*:*:*", "matchCriteriaId": "1C1C9DE3-EEFF-4C10-8212-1BDFAF900204", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.13.5:*:*:*:*:*:*:*", "matchCriteriaId": "3DA5937A-9559-4A3D-B550-05512F639B89", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.13.6:*:*:*:*:*:*:*", "matchCriteriaId": "93912D7A-FE0B-4ACE-9F96-64D6F0EDE5C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.13.7:*:*:*:*:*:*:*", "matchCriteriaId": "9F3DBCCD-AC9F-4DAE-A6B2-13BA32F2575A", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.13.8:*:*:*:*:*:*:*", "matchCriteriaId": "CA950266-7B17-4A01-B879-6DC30F793608", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.14.0:*:*:*:*:*:*:*", "matchCriteriaId": "98C296C8-D525-4847-AA59-8CC46719D92E", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.14.1:*:*:*:*:*:*:*", "matchCriteriaId": "1DFCCA04-3EED-48C5-9C70-7D3F0003C0D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.14.2:*:*:*:*:*:*:*", "matchCriteriaId": "8A74AA57-4D88-4DF0-85A9-E7D6D1CEFF00", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.14.3:*:*:*:*:*:*:*", "matchCriteriaId": "69FEC106-AC7E-4ED9-8963-3FD4817EC56B", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.14.4:*:*:*:*:*:*:*", "matchCriteriaId": "05EEAF87-8CCE-48EC-86E7-EE28329D2A9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.14.5:*:*:*:*:*:*:*", "matchCriteriaId": "D054474D-5C98-4797-9C15-217B8EBD55EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.14.6:*:*:*:*:*:*:*", "matchCriteriaId": "333AFB23-DC69-4612-8C6D-097617993561", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.14.7:*:*:*:*:*:*:*", "matchCriteriaId": "4BD3FC3C-52B7-45C6-84E6-6574767B2C72", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.15.0:*:*:*:*:*:*:*", "matchCriteriaId": "25844B56-0F72-4FAA-9179-19659142A8C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.15.1:*:*:*:*:*:*:*", "matchCriteriaId": "36D20992-4F53-4BBF-8CF8-C3128F07EAB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.15.2:*:*:*:*:*:*:*", "matchCriteriaId": "1C98A25F-7E97-4FE9-86B6-C281AE330D8C", "vulnerable": true}, {"criteria": "cpe:2.3:a:libraw:libraw:0.15.3:*:*:*:*:*:*:*", "matchCriteriaId": "3E52EC30-160B-4095-A269-DA8B7F0A11AA", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The \"faster LJPEG decoder\" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted photo file."}, {"lang": "es", "value": "El \"faster LJPEG decoder\" en libraw versiones 0.13.x, 0.14.x, y versiones 0.15.x anteriores a 0.15.4, permite a los atacantes dependiendo del contexto causar una denegaci\u00f3n de servicio (desreferencia de un puntero NULL) por medio de un archivo de fotos dise\u00f1ado."}], "id": "CVE-2013-1439", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2013-09-16T19:14:37.693", "references": [{"source": "security@debian.org", "url": "http://www.debian.org/security/2013/dsa-2748"}, {"source": "security@debian.org", "tags": ["Exploit", "Patch"], "url": "http://www.openwall.com/lists/oss-security/2013/08/29/3"}, {"source": "security@debian.org", "tags": ["Exploit", "Patch"], "url": "https://github.com/LibRaw/LibRaw/commit/11909cc59e712e09b508dda729b99aeaac2b29ad"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2013/dsa-2748"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "http://www.openwall.com/lists/oss-security/2013/08/29/3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch"], "url": "https://github.com/LibRaw/LibRaw/commit/11909cc59e712e09b508dda729b99aeaac2b29ad"}], "sourceIdentifier": "security@debian.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:libraw:libraw:0.13.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 41959708-2D95-472D-B845-40EC10C51ACE (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:libraw:libraw:0.13.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 03492249-E4F2-4696-AE8A-7111E3834490 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:libraw:libraw:0.13.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 8939A79E-5B9C-4389-9CEA-752899C4AAE9 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:libraw:libraw:0.13.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 0B566274-96B5-4966-9ECA-F78DBB8F0DFD (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:a:libraw:libraw:0.13.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 1C1C9DE3-EEFF-4C10-8212-1BDFAF900204 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:a:libraw:libraw:0.13.5:*:*:*:*:*:*:* (string)

matchCriteriaId : 3DA5937A-9559-4A3D-B550-05512F639B89 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:a:libraw:libraw:0.13.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 93912D7A-FE0B-4ACE-9F96-64D6F0EDE5C9 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:a:libraw:libraw:0.13.7:*:*:*:*:*:*:* (string)

matchCriteriaId : 9F3DBCCD-AC9F-4DAE-A6B2-13BA32F2575A (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:a:libraw:libraw:0.13.8:*:*:*:*:*:*:* (string)

matchCriteriaId : CA950266-7B17-4A01-B879-6DC30F793608 (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:a:libraw:libraw:0.14.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 98C296C8-D525-4847-AA59-8CC46719D92E (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:a:libraw:libraw:0.14.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 1DFCCA04-3EED-48C5-9C70-7D3F0003C0D6 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:a:libraw:libraw:0.14.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 8A74AA57-4D88-4DF0-85A9-E7D6D1CEFF00 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:a:libraw:libraw:0.14.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 69FEC106-AC7E-4ED9-8963-3FD4817EC56B (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:a:libraw:libraw:0.14.4:*:*:*:*:*:*:* (string)

matchCriteriaId : 05EEAF87-8CCE-48EC-86E7-EE28329D2A9D (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:a:libraw:libraw:0.14.5:*:*:*:*:*:*:* (string)

matchCriteriaId : D054474D-5C98-4797-9C15-217B8EBD55EA (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:a:libraw:libraw:0.14.6:*:*:*:*:*:*:* (string)

matchCriteriaId : 333AFB23-DC69-4612-8C6D-097617993561 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:a:libraw:libraw:0.14.7:*:*:*:*:*:*:* (string)

matchCriteriaId : 4BD3FC3C-52B7-45C6-84E6-6574767B2C72 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:a:libraw:libraw:0.15.0:*:*:*:*:*:*:* (string)

matchCriteriaId : 25844B56-0F72-4FAA-9179-19659142A8C2 (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:a:libraw:libraw:0.15.1:*:*:*:*:*:*:* (string)

matchCriteriaId : 36D20992-4F53-4BBF-8CF8-C3128F07EAB6 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:a:libraw:libraw:0.15.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 1C98A25F-7E97-4FE9-86B6-C281AE330D8C (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:a:libraw:libraw:0.15.3:*:*:*:*:*:*:* (string)

matchCriteriaId : 3E52EC30-160B-4095-A269-DA8B7F0A11AA (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted photo file. (string)

}

1 : { »

lang : es (string)

value : El "faster LJPEG decoder" en libraw versiones 0.13.x, 0.14.x, y versiones 0.15.x anteriores a 0.15.4, permite a los atacantes dependiendo del contexto causar una denegación de servicio (desreferencia de un puntero NULL) por medio de un archivo de fotos diseñado. (string)

}

]

id : CVE-2013-1439 (string)

lastModified : 2025-04-11T00:51:21.963 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 4.3 (number)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:M/Au:N/C:N/I:N/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : true (boolean)

}

]

}

published : 2013-09-16T19:14:37.693 (string)

references : [ »

0 : { »

source : security@debian.org (string)

url : http://www.debian.org/security/2013/dsa-2748 (string)

}

1 : { »

source : security@debian.org (string)

tags : [ »

0 : Exploit (string)

1 : Patch (string)

]

url : http://www.openwall.com/lists/oss-security/2013/08/29/3 (string)

}

2 : { »

source : security@debian.org (string)

tags : [ »

0 : Exploit (string)

1 : Patch (string)

]

url : https://github.com/LibRaw/LibRaw/commit/11909cc59e712e09b508dda729b99aeaac2b29ad (string)

}

3 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.debian.org/security/2013/dsa-2748 (string)

}

4 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

1 : Patch (string)

]

url : http://www.openwall.com/lists/oss-security/2013/08/29/3 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

1 : Patch (string)

]

url : https://github.com/LibRaw/LibRaw/commit/11909cc59e712e09b508dda729b99aeaac2b29ad (string)

}

]

sourceIdentifier : security@debian.org (string)

vulnStatus : Deferred (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-Other (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"bugzilla": {"description": "LibRaw: multiple denial of service flaws", "id": "1002714", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1002714"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "status": "draft"}, "details": ["The \"faster LJPEG decoder\" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted photo file."], "name": "CVE-2013-1439", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "dcraw", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "dcraw", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "dcraw", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "LibRaw", "product_name": "Red Hat Enterprise Linux 7"}], "public_date": "2013-08-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2013-1439\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-1439"], "statement": "Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "threat_severity": "Low"}

{

bugzilla : { »

description : LibRaw: multiple denial of service flaws (string)

id : 1002714 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=1002714 (string)

}

csaw : false (boolean)

cvss : { »

cvss_base_score : 4.3 (string)

cvss_scoring_vector : AV:N/AC:M/Au:N/C:N/I:N/A:P (string)

status : draft (string)

}

details : [ »

0 : The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted photo file. (string)

]

name : CVE-2013-1439 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:5 (string)

fix_state : Will not fix (string)

package_name : dcraw (string)

product_name : Red Hat Enterprise Linux 5 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Will not fix (string)

package_name : dcraw (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Will not fix (string)

package_name : dcraw (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Will not fix (string)

package_name : LibRaw (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

]

public_date : 2013-08-28T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2013-1439 https://nvd.nist.gov/vuln/detail/CVE-2013-1439 (string)

]

statement : Red Hat Product Security has rated this issue as having Low security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/. (string)

threat_severity : Low (string)

}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object