Libcaca
CVE-2018-20544
MEDIUM
Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Lifecycle Timeline
1DescriptionNVD
There is floating point exception at caca/dither.c (function caca_dither_bitmap) in libcaca 0.99.beta19.
AnalysisAI
There is floating point exception at caca/dither.c (function caca_dither_bitmap) in libcaca 0.99.beta19. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-369. There is floating point exception at caca/dither.c (function caca_dither_bitmap) in libcaca 0.99.beta19. Affected products include: Libcaca Project Libcaca, Canonical Ubuntu Linux, Debian Debian Linux.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19. Rated high seve
There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 1bpp data. Ra
There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data. Ra
There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for 24bpp dat
There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the defau
A flaw was found in libcaca. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attac
A flaw was found in libcaca. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attac
A flaw was found in libcaca v0.99.beta19. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. P
libcaca is affected by a Divide By Zero issue via img2txt, which allows a remote malicious user to cause a Denial of Ser
libcaca is a colour ASCII art library. In 0.99.beta20 and earlier, an integer overflow vulnerability in libcaca's canvas
Same weakness CWE-369 – Divide By Zero
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today