CVE-2018-5815

Summary

An integer overflow error within the "parse_qt()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.12 can be exploited to trigger an infinite loop via a specially crafted Apple QuickTime file.

Affected Software

VendorProductVersion RangeStatus
n/aLibRawPrior to 0.18.12affected

Weaknesses

  • DoS (Denial of Service) through infinite loop

ADP Enrichment

CVE Program Container

Additional References

References