ID CVE-2018-9305
Summary In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the "== 0x1c" case.
References
Vulnerable Configurations
  • Exiv2 0.3
    cpe:2.3:a:exiv2:exiv2:0.3
  • Exiv2 0.4
    cpe:2.3:a:exiv2:exiv2:0.4
  • Exiv2 0.5
    cpe:2.3:a:exiv2:exiv2:0.5
  • Exiv2 0.6
    cpe:2.3:a:exiv2:exiv2:0.6
  • Exiv2 0.6.1
    cpe:2.3:a:exiv2:exiv2:0.6.1
  • Exiv2 0.6.2
    cpe:2.3:a:exiv2:exiv2:0.6.2
  • Exiv2 0.7
    cpe:2.3:a:exiv2:exiv2:0.7
  • Exiv2 0.8
    cpe:2.3:a:exiv2:exiv2:0.8
  • Exiv2 0.9
    cpe:2.3:a:exiv2:exiv2:0.9
  • Exiv2 0.9.1
    cpe:2.3:a:exiv2:exiv2:0.9.1
  • Exiv2 0.10
    cpe:2.3:a:exiv2:exiv2:0.10
  • Exiv2 0.11
    cpe:2.3:a:exiv2:exiv2:0.11
  • Exiv2 0.12
    cpe:2.3:a:exiv2:exiv2:0.12
  • Exiv2 0.13
    cpe:2.3:a:exiv2:exiv2:0.13
  • Exiv2 0.14
    cpe:2.3:a:exiv2:exiv2:0.14
  • Exiv2 0.15
    cpe:2.3:a:exiv2:exiv2:0.15
  • Exiv2 0.16
    cpe:2.3:a:exiv2:exiv2:0.16
  • Exiv2 0.16 Pre 1
    cpe:2.3:a:exiv2:exiv2:0.16:pre1
  • Exiv2 0.17
    cpe:2.3:a:exiv2:exiv2:0.17
  • Exiv2 0.17.1
    cpe:2.3:a:exiv2:exiv2:0.17.1
  • Exiv2 0.18
    cpe:2.3:a:exiv2:exiv2:0.18
  • Exiv2 0.18 Pre 1
    cpe:2.3:a:exiv2:exiv2:0.18:pre1
  • Exiv2 0.18 Pre 2
    cpe:2.3:a:exiv2:exiv2:0.18:pre2
  • Exiv2 0.18.1
    cpe:2.3:a:exiv2:exiv2:0.18.1
  • Exiv2 0.18.2
    cpe:2.3:a:exiv2:exiv2:0.18.2
  • Exiv2 0.19
    cpe:2.3:a:exiv2:exiv2:0.19
  • Exiv2 0.20
    cpe:2.3:a:exiv2:exiv2:0.20
  • Exiv2 0.21
    cpe:2.3:a:exiv2:exiv2:0.21
  • Exiv2 0.21.1
    cpe:2.3:a:exiv2:exiv2:0.21.1
  • Exiv2 0.22
    cpe:2.3:a:exiv2:exiv2:0.22
  • Exiv2 0.23
    cpe:2.3:a:exiv2:exiv2:0.23
  • Exiv2 0.24
    cpe:2.3:a:exiv2:exiv2:0.24
  • Exiv2 0.25
    cpe:2.3:a:exiv2:exiv2:0.25
CVSS
Base: 5.8
Impact:
Exploitability:
CWE CWE-125
CAPEC
  • Overread Buffers
    An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.
nessus via4
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-8B67A5C7E2.NASL
    description Exiv2 update with security fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-03
    plugin id 120594
    published 2019-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120594
    title Fedora 28 : exiv2 (2018-8b67a5c7e2)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201811-14.NASL
    description The remote host is affected by the vulnerability described in GLSA-201811-14 (Exiv2: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in Exiv2. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could cause a Denial of Service condition or obtain sensitive information via a specially crafted file. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-11-26
    plugin id 119134
    published 2018-11-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119134
    title GLSA-201811-14 : Exiv2: Multiple vulnerabilities
refmap via4
gentoo GLSA-201811-14
misc
Last major update 04-04-2018 - 17:29
Published 04-04-2018 - 17:29
Last modified 27-02-2019 - 14:26