Published: 11/07/2019 Updated: 13/01/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrwimage.cpp in Exiv2 up to and including 0.27.2.

Vulnerable Product	Search on Vulmon	Subscribe to Product
exiv2 exiv2
debian debian linux 8.0
debian debian linux 10.0

Debian Bug report logs - #932467 exiv2: CVE-2019-13504 Package: src:exiv2; Maintainer for src:exiv2 is Debian KDE Extras Team <pkg-kde-extras@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Fri, 19 Jul 2019 18:57:02 UTC Severity: important Tags: security, upstream Found in versi ...

Impact: Moderate Public Date: 2019-07-10 CWE: CWE-125 Bugzilla: 1729034: CVE-2019-13504 exiv2: out-of-b ...

Summary of online learning materials

security-study-tutorial Summary of online learning materials Awesome githubcom/vinta/awesome-python githubcom/Hack-with-Github/Awesome-Hacking githubcom/hslatman/awesome-threat-intelligence githubcom/bayandin/awesome-awesomeness githubcom/enaqx/awesome-pentest githubcom/carpedm20/awesome-hacking githubcom/sbilly/aw

CWE-125 https://github.com/Exiv2/exiv2/pull/943 http://www.securityfocus.com/bid/109117 https://fuzzit.dev/2019/07/11/discovering-cve-2019-13504-cve-2019-13503-and-the-importance-of-api-fuzzing/https://lists.debian.org/debian-lts-announce/2019/07/msg00015.html https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932467 https://nvd.nist.gov https://github.com/MyKings/security-study-tutorial https://access.redhat.com/security/cve/cve-2019-13504

CVE-2019-13504

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Github Repositories

References

Vulmon Search

About

Products

Connect