Published: 30/03/2018 Updated: 27/03/2019

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

In the DataBuf class in include/exiv2/types.hpp in Exiv2 0.26, an issue exists in the constructor with an initial buffer size. A large size value may lead to a SIGABRT during an attempt at memory allocation. NOTE: some third parties have been unable to reproduce the SIGABRT when using the 4-DataBuf-abort-1 PoC file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
exiv2 exiv2 0.26

Debian Bug report logs - #910909 exiv2: CVE-2018-9145 Package: src:exiv2; Maintainer for src:exiv2 is Debian KDE Extras Team <pkg-kde-extras@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 13 Oct 2018 09:45:01 UTC Severity: important Tags: fixed-upstream, patch, security, up ...

In the DataBuf class in include/exiv2/typeshpp in Exiv2 026, an issue exists in the constructor with an initial buffer size A large size value may lead to a SIGABRT during an attempt at memory allocation NOTE: some third parties have been unable to reproduce the SIGABRT when using the 4-DataBuf-abort-1 PoC file ...

CWE-20 https://github.com/xiaoqx/pocs/tree/master/exiv2 https://bugzilla.redhat.com/show_bug.cgi?id=1564281 https://bugzilla.novell.com/show_bug.cgi?id=1087879 https://security.gentoo.org/glsa/201811-14 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910909 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2018-9145

CVE-2018-9145

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect