Описание
A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the Get16u function in exif.c in will cause segmentation fault via a crafted_file.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- Third Party Advisory
- ExploitIssue TrackingThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:jhead_project:jhead:3.04:*:*:*:*:*:*:*
cpe:2.3:a:jhead_project:jhead:3.05:*:*:*:*:*:*:*
EPSS
Процентиль: 22%
0.00071
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-704
Связанные уязвимости
CVSS3: 5.5
ubuntu
почти 4 года назад
A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the Get16u function in exif.c in will cause segmentation fault via a crafted_file.
CVSS3: 5.5
debian
почти 4 года назад
A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to ...
CVSS3: 5.5
github
почти 4 года назад
A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the Get16u function in exif.c in will cause segmentation fault via a crafted_file.
EPSS
Процентиль: 22%
0.00071
Низкий
5.5 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-704