It exists that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-0093, CVE-2020-0182)
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
google android 8.0 |
||
google android 8.1 |
||
google android 9.0 |
||
google android 10.0 |
||
debian debian linux 8.0 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 19.10 |
||
canonical ubuntu linux 20.04 |
||
canonical ubuntu linux 16.04 |
||
canonical ubuntu linux 12.04 |
||
libexif project libexif |
||
opensuse leap 15.1 |
Zero-click remote-code exec hole found by Googler, updates emitted
Samsung has patched a serious security hole in its smartphones that can be exploited by maliciously crafted text messages to hijack devices. It appears no user interaction is required: if Samsung's messaging app bundled with phones since 2015 receives a booby-trapped MMS, it will parse it automatically before the user even opens it. This will trigger a vulnerability in the Skia graphics library, used by the app to decode the message's embedded Qmage image. The end result is code execution on the...