ID CVE-2017-17725
Summary In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864, which is an invalid memory address dereference.
References
Vulnerable Configurations
  • Exiv2 0.26
    cpe:2.3:a:exiv2:exiv2:0.26
CVSS
Base: 4.3
Impact:
Exploitability:
CWE CWE-190
CAPEC
  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset, as the size of a memory allocation, or in a similar role. The attacker typically controls the value of the variable and tries to push it out of range. For instance, if the integer is incremented past its maximum possible value, it may wrap around to become a very small or negative number, yielding an incorrect value that can lead to unexpected behavior. At worst, the attacker can execute arbitrary code.
nessus via4
NASL family Fedora Local Security Checks
NASL id FEDORA_2018-FC9C5969B4.NASL
description Security update for CVE-2017-17723, CVE-2017-17725, CVE-2018-5772. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen 2018-09-07
modified 2018-09-06
plugin id 109928
published 2018-05-21
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=109928
title Fedora 27 : exiv2 (2018-fc9c5969b4)
refmap via4
misc
Last major update 12-02-2018 - 17:29
Published 12-02-2018 - 17:29
Last modified 07-03-2018 - 16:01