VYPR
Unrated severityNVD Advisory· Published Aug 14, 2013· Updated Jun 16, 2026

CVE-2013-2126

CVE-2013-2126

Description

Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

9
  • Libraw/Libraw3 versions
    cpe:2.3:a:libraw:libraw:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:libraw:libraw:*:*:*:*:*:*:*:*range: <=0.15.1
    • cpe:2.3:a:libraw:libraw:0.15.0:*:*:*:*:*:*:*
    • (no CPE)range: <0.15.2
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*+ 2 more
    • cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
    • cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
  • OpenSUSE/openSUSE2 versions
    cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
    • cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.