[Advisory]LibRaw Multi Memory error[CVE-2015-8366 and CVE-2015-8367]

November 30, 2015 007admin Leave a comment

Posted by ChenQin on Nov 30

1. Overview
The LibRaw raw image decoder <= 0.17 has multi vulnerability to cause memory errors,which may cause code execution or
other problems.Problems has been fixed in 0.17.1(www.libraw.org/news/libraw-0-17-1).

2.Descryption
Case CVE-2015-8366,Libraw smal_decode_segment function do not handle index carefully,which may cause index overflow.
Case CVE-2015-8367,Libraw phase_one_correct function do not handle memory object’s…

007 Software

[Advisory]LibRaw Multi Memory error[CVE-2015-8366 and CVE-2015-8367]

Leave a Reply Cancel reply

Software and Security Information