dcraw -- integer overflow condition
The dcraw tool, as well as several other projects re-using its
code, suffers from an integer overflow condition which lead to a
The vulnerability concerns the 'len' variable, parsed without
validation from opened images, used in the ljpeg_start()
A maliciously crafted raw image file can be used to trigger the
vulnerability, causing a Denial of Service condition.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright