Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2019-9278

Опубликовано: 27 сент. 2019
Источник: debian

Описание

In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112537774

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libexiffixed0.6.21-6package

Примечания

  • https://android.googlesource.com/platform/external/libexif/+/a5e8e5812a11ec9686294de8a5d68aaf2ab72475%5E%21/#F0

  • https://github.com/libexif/libexif/issues/26

  • https://github.com/libexif/libexif/commit/75aa73267fdb1e0ebfbc00369e7312bac43d0566

Связанные уязвимости

ubuntu логотип

CVE-2019-9278

CVSS3: 8.8
ubuntu
больше 6 лет назад

In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112537774

redhat логотип

CVE-2019-9278

CVSS3: 7.5
redhat
около 6 лет назад

In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112537774

nvd логотип

CVE-2019-9278

CVSS3: 8.8
nvd
больше 6 лет назад

In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112537774

github логотип

GHSA-wwvf-m6j5-65jw

CVSS3: 8.8
github
больше 3 лет назад

In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112537774

fstec логотип

BDU:2020-01749

CVSS3: 8.8
fstec
больше 6 лет назад

Уязвимость библиотеки для грамматического разбора EXIF-файлов libexif, позволяющая нарушителю получить доступ к конфиденциальным данным, нарушить их целостность, а также вызвать отказ в обслуживании