Fantasyoung

**Name of the Vulnerable Software and Affected Versions** LibRaw version 0.19.1 **Description** The issue is related to a NULL pointer dereference in the `LibRaw::copy bayer` function of the `libraw cxx.cpp` component in the LibRaw image processing library. This can be exploited by a remote attacker to cause a denial of service. **Recommendations** For LibRaw version 0.19.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** LibRaw (affected versions not specified) **Description** The issue is related to a heap-based buffer overflow in the `LibRaw::raw2image()` function of the `libraw cxx.cpp` component. This allows a remote attacker to cause a denial of service by exploiting the buffer overflow. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libexcel version 0.01 **Description** The issue allows attackers to cause a denial of service (SEGV) via a long second argument in the `wbook addworksheet` function in `workbook.c`. **Recommendations** For libexcel version 0.01, consider restricting the length of the second argument passed to the `wbook addworksheet` function to prevent the denial of service. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** libexcel version 0.01 **Description** The issue allows attackers to cause a denial of service (SEGV) via a long name in the `wbook addworksheet` function in `workbook.c` in `libexcel.a`. **Recommendations** For libexcel version 0.01, avoid using long names in the `wbook addworksheet` function to prevent the denial of service.