Security Advisory

CVE-2017-6887

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-05-16 15:00:00

Last updated 2024-08-05 15:41:17

Assigner flexera

State PUBLISHED

Description

A boundary error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to cause a memory corruption via e.g. a specially crafted KDC file with model set to "DSLR-A100" and containing multiple sequences of 0x100 and 0x14A TAGs.

← Browse all CVEs View on cve.org ↗