header-logo
Suggest Exploit
vendor:
Exiv2
by:
SecurityFocus
2.3
CVSS
LOW
Denial-of-Service
119
CWE
Product Name: Exiv2
Affected Version From: 0.8
Affected Version To: 0.9
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

Exiv2 Denial-of-Service Vulnerability

Exiv2 is susceptible to a denial-of-service vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied input data before attempting to read it, resulting in an out-of-bounds memory access crash. This issue allows attackers to crash applications that use the affected library to process malicious image data.

Mitigation:

Ensure that user-supplied input is properly validated before being used.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/16400/info

Exiv2 is susceptible to a denial-of-service vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied input data before attempting to read it, resulting in an out-of-bounds memory access crash.

This issue allows attackers to crash applications that use the affected library to process malicious image data. Depending on the nature of applications, this may be local or remote in nature.

This issue is present in Exiv2 versions prior to 0.9.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/27140.jpg

Navigation

Suggest Exploit

Services By CQR