An integer overflow error within the "parse_qt()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: flexera

Published: 2018-12-07T22:00:00

Updated: 2024-08-05T05:47:56.115Z

Reserved: 2018-01-19T00:00:00

Link: CVE-2018-5815

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-12-07T22:29:01.613

Modified: 2024-11-21T04:09:27.963

Link: CVE-2018-5815

cve-icon Redhat

Severity : Moderate

Publid Date: 2018-07-22T00:00:00Z

Links: CVE-2018-5815 - Bugzilla