ID CVE-2018-12265
Summary Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp.
References
Vulnerable Configurations
  • Exiv2 0.26
    cpe:2.3:a:exiv2:exiv2:0.26
  • Debian Linux 8.0 (Jessie)
    cpe:2.3:o:debian:debian_linux:8.0
  • Debian Linux 9.0
    cpe:2.3:o:debian:debian_linux:9.0
  • Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts
  • Canonical Ubuntu Linux 16.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:16.04:-:-:-:lts
  • Canonical Ubuntu Linux 17.10
    cpe:2.3:o:canonical:ubuntu_linux:17.10
  • Canonical Ubuntu Linux 18.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:18.04:-:-:-:lts
CVSS
Base: 6.8
Impact:
Exploitability:
CWE CWE-190
CAPEC
  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset, such as the size of a memory allocation or similar. The attacker would typically control the value of such a variable and try to get it out of range. For instance, if the integer in question is incremented past the maximum possible value, it may wrap to become a very small or negative number, providing a very incorrect value that can lead to unexpected behavior. At worst the attacker can execute arbitrary code.
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-1402.NASL
    description Several vulnerabilities have been discovered in exiv2, a C++ library and a command line utility to manage image metadata, resulting in denial of service, heap-based buffer over-read/overflow, memory exhaustion, and application crash. For Debian 8 'Jessie', these problems have been fixed in version 0.24-4.1+deb8u1. We recommend that you upgrade your exiv2 packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-06-29
    modified 2018-06-28
    plugin id 110728
    published 2018-06-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110728
    title Debian DLA-1402-1 : exiv2 security update
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3700-1.NASL
    description It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. (CVE-2018-10958, CVE-2018-10998) It was discovered that Exiv2 incorrectly handled certain PNG files. An attacker could possibly use this to access sensitive information. (CVE-2018-10999) It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this to execute arbitrary code. (CVE-2018-11531) It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this to access sensitive information. (CVE-2018-12264, CVE-2018-12265). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-07-05
    modified 2018-07-05
    plugin id 110922
    published 2018-07-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110922
    title Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : exiv2 vulnerabilities (USN-3700-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-4238.NASL
    description Several vulnerabilities have been discovered in Exiv2, a C++ library and a command line utility to manage image metadata which could result in denial of service or the execution of arbitrary code if a malformed file is parsed.
    last seen 2018-07-05
    modified 2018-07-05
    plugin id 110910
    published 2018-07-05
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=110910
    title Debian DSA-4238-1 : exiv2 - security update
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-871FA4D189.NASL
    description Exiv2 update with security fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2018-08-10
    modified 2018-08-10
    plugin id 111620
    published 2018-08-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=111620
    title Fedora 27 : exiv2 (2018-871fa4d189)
refmap via4
confirm
debian DSA-4238
mlist [debian-lts-announce] 20180628 [SECURITY] [DLA 1402-1] exiv2 security update
ubuntu USN-3700-1
Last major update 13-06-2018 - 07:29
Published 13-06-2018 - 07:29
Last modified 02-08-2018 - 11:07