CVE-2017-6887

A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs.
Configurations

Configuration 1 (hide)

cpe:2.3:a:libraw:libraw:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-05-16 16:29

Updated : 2024-02-04 19:11


NVD link : CVE-2017-6887

Mitre link : CVE-2017-6887

CVE.ORG link : CVE-2017-6887


JSON object : View

Products Affected

libraw

  • libraw
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer