Описание
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.
A reachable assertion was found in Exiv2 while reading the header of a BigTIFF image. By persuading a victim to open a crafted BigTIFF image, a remote attacker could crash the application.
Отчет
This issue did not affect the versions of Exiv2 as shipped with Red Hat Enterprise Linux 6 and 7 as they did not include support for BigTIFF images.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | exiv2 | Not affected | ||
| Red Hat Enterprise Linux 7 | exiv2 | Not affected | ||
| Red Hat Enterprise Linux 8 | exiv2 | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
3.3 Low
CVSS3
Связанные уязвимости
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.
In Exiv2 0.26, there is a reachable assertion in the readHeader functi ...
In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file.
EPSS
3.3 Low
CVSS3