CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-1438

Unspecified vulnerability in dcraw 0.8.x through 0.8.9, as used in libraw, ufraw, shotwell, and other products, allows context-dependent attackers to cause a denial of service via a crafted photo file that triggers a (1) divide-by-zero, (2) infinite loop, or (3) NULL pointer dereference.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.9%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2013-1438

Dave Coffin » Dcraw » Version: 0.8.0

cpe:2.3:a:dave_coffin:dcraw:0.8.0
Dave Coffin » Dcraw » Version: 0.8.1

cpe:2.3:a:dave_coffin:dcraw:0.8.1
Dave Coffin » Dcraw » Version: 0.8.2

cpe:2.3:a:dave_coffin:dcraw:0.8.2
Dave Coffin » Dcraw » Version: 0.8.3

cpe:2.3:a:dave_coffin:dcraw:0.8.3
Dave Coffin » Dcraw » Version: 0.8.4

cpe:2.3:a:dave_coffin:dcraw:0.8.4
Dave Coffin » Dcraw » Version: 0.8.5

cpe:2.3:a:dave_coffin:dcraw:0.8.5
Dave Coffin » Dcraw » Version: 0.8.6

cpe:2.3:a:dave_coffin:dcraw:0.8.6
Dave Coffin » Dcraw » Version: 0.8.7

cpe:2.3:a:dave_coffin:dcraw:0.8.7
Dave Coffin » Dcraw » Version: 0.8.8

cpe:2.3:a:dave_coffin:dcraw:0.8.8
Dave Coffin » Dcraw » Version: 0.8.9

cpe:2.3:a:dave_coffin:dcraw:0.8.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-1438

Products

Pricing

Contact Us