Exiv2 0.27.2 allows malicious users to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size.
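The kind of check the description says is missing, as an added example that is not Exiv2's code or its fix: a directory entry's offset and size are validated against the total buffer size before a 32-bit value is read. The `Entry` layout, the function names and the sample bytes are hypothetical and constructed for illustration; the naive check is included to show why the comparison is written as a subtraction.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Hypothetical directory entry: offset and size come from the file itself,
// so both are untrusted until checked against the real buffer length.
struct Entry { uint32_t offset; uint32_t size; };

// Flawed form, shown for contrast: the 32-bit sum can wrap, so a huge offset passes.
bool naiveInBounds(size_t total, uint32_t offset, uint32_t size) {
    return static_cast<uint32_t>(offset + size) <= total;
}

// Safe form: true only when [offset, offset + size) lies inside `total` bytes.
// The subtraction cannot underflow because offset <= total is tested first.
bool inBounds(size_t total, uint32_t offset, uint32_t size) {
    return offset <= total && size <= total - offset;
}

// Bounds-checked little-endian 32-bit read; returns false instead of reading past the end.
bool readULongLE(const std::vector<uint8_t>& buf, size_t pos, uint32_t& out) {
    if (buf.size() < 4 || pos > buf.size() - 4) return false;
    out = uint32_t(buf[pos]) | (uint32_t(buf[pos + 1]) << 8) |
          (uint32_t(buf[pos + 2]) << 16) | (uint32_t(buf[pos + 3]) << 24);
    return true;
}

// Reads the first 32-bit value of an entry's data only after the entry is validated.
bool readEntryValue(const std::vector<uint8_t>& buf, const Entry& e, uint32_t& out) {
    if (e.size < 4 || !inBounds(buf.size(), e.offset, e.size)) return false;
    return readULongLE(buf, e.offset, out);
}

int main() {
    std::vector<uint8_t> buf(16, 0);  // constructed 16-byte sample buffer
    buf[8] = 0x78; buf[9] = 0x56; buf[10] = 0x34; buf[11] = 0x12;
    const Entry entries[] = {{8, 4}, {14, 4}, {0xFFFFFFF0u, 0x20}};  // constructed entries
    for (const Entry& e : entries) {
        uint32_t v = 0;
        bool ok = readEntryValue(buf, e, v);
        std::printf("offset=%u size=%u naive=%d safe=%d value=0x%08x\n",
                    (unsigned)e.offset, (unsigned)e.size,
                    (int)naiveInBounds(buf.size(), e.offset, e.size), (int)ok, (unsigned)v);
    }
    return 0;
}
```

The third entry passes the naive sum check because `offset + size` wraps to 16, while the subtraction form rejects it.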
Vulnerable Product |
---|
exiv2 exiv2 0.27.2 |
debian debian linux 8.0 |
debian debian linux 10.0 |
canonical ubuntu linux 18.04 |
canonical ubuntu linux 19.04 |
canonical ubuntu linux 19.10 |
canonical ubuntu linux 16.04 |