Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-19607

Опубликовано: 23 нояб. 2018
Источник: redhat
CVSS3: 3.3

Описание

Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.

Отчет

This issue affects the versions of exiv2 as shipped with Red Hat Enterprise Linux 7. This issue did not affect the versions of exiv2 as shipped with Red Hat Enterprise 6.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6exiv2Not affected
Red Hat Enterprise Linux 7exiv2FixedRHSA-2019:210106.08.2019
Red Hat Enterprise Linux 8exiv2FixedRHSA-2020:157728.04.2020
Red Hat Enterprise Linux 8geglFixedRHSA-2020:157728.04.2020
Red Hat Enterprise Linux 8gnome-color-managerFixedRHSA-2020:157728.04.2020
Red Hat Enterprise Linux 8libgexiv2FixedRHSA-2020:157728.04.2020

Показывать по

Дополнительная информация

Статус:

Low
Дефект:
CWE-476
https://bugzilla.redhat.com/show_bug.cgi?id=1656195exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp

3.3 Low

CVSS3

Связанные уязвимости

CVSS3: 6.5
ubuntu
больше 6 лет назад

Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.

CVSS3: 6.5
nvd
больше 6 лет назад

Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.

CVSS3: 6.5
debian
больше 6 лет назад

Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote att ...

CVSS3: 6.5
github
около 3 лет назад

Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.

suse-cvrf
больше 5 лет назад

Security update for exiv2

3.3 Low

CVSS3