Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 30/03/2018 Updated: 27/02/2019

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.1 | Impact Score: 5.2 | Exploitability Score: 2.8

VMScore: 516

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P

In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::binaryToString in image.cpp. It could result in denial of service or information disclosure.

Vulnerable Product	Search on Vulmon	Subscribe to Product
exiv2 exiv2

An out-of-bound read has been found in Exiv2 in the way binary bytes are converted to string An attacker could potentially use this flaw to crash the Exiv2 CLI utility program by tricking it into processing a crafted TIFF image ...

CWE-125 https://github.com/xiaoqx/pocs/tree/master/exiv2 https://github.com/Exiv2/exiv2/issues/254 https://security.gentoo.org/glsa/201811-14 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2018-9144

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-9144

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect