CVE-2013-1439

The "faster LJPEG decoder" in libraw 0.13.x, 0.14.x, and 0.15.x before 0.15.4 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a crafted photo file.

Published: Sep 16, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-1439
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
libraw / libraw	0.15.1	0.15.1.x
libraw / libraw	0.15.0	0.15.0.x
libraw / libraw	0.14.5	0.14.5.x
libraw / libraw	0.13.2	0.13.2.x
libraw / libraw	0.13.0	0.13.0.x
libraw / libraw	0.15.3	0.15.3.x
libraw / libraw	0.13.6	0.13.6.x
libraw / libraw	0.14.3	0.14.3.x
libraw / libraw	0.13.7	0.13.7.x
libraw / libraw	0.13.1	0.13.1.x
libraw / libraw	0.14.6	0.14.6.x
libraw / libraw	0.14.2	0.14.2.x
libraw / libraw	0.14.7	0.14.7.x
libraw / libraw	0.13.5	0.13.5.x
libraw / libraw	0.14.4	0.14.4.x
libraw / libraw	0.14.0	0.14.0.x
libraw / libraw	0.13.8	0.13.8.x
libraw / libraw	0.13.3	0.13.3.x
libraw / libraw	0.13.4	0.13.4.x
libraw / libraw	0.14.1	0.14.1.x
libraw / libraw	0.15.2	0.15.2.x

Vulnerability Database

289,697

CVE-2013-1439