Lucene search

[email protected]CVE-2012-2814

HistoryJul 13, 2012 - 10:34 a.m.

CVE-2012-2814

2012-07-1310:34:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2012-2814

buffer overflow

exif_entry_format_value function

libexif

remote attackers

denial of service

execute arbitrary code

crafted exif tags

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.098 Low

EPSS

Percentile

94.7%

JSON

Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.

CPENameOperatorVersion
libexif_project:libexiflibexif project libexifeq0.6.20

CPE	Name	Operator	Version
libexif_project:libexif	libexif project libexif	eq	0.6.20

References

lists.opensuse.org/opensuse-security-announce/2012-07/msg00014.html

lists.opensuse.org/opensuse-security-announce/2012-07/msg00015.html

rhn.redhat.com/errata/RHSA-2012-1255.html

secunia.com/advisories/49988

sourceforge.net/mailarchive/message.php?msg_id=29534027

www.debian.org/security/2012/dsa-2559

www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

www.securityfocus.com/bid/54437

www.ubuntu.com/usn/USN-1513-1

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.098 Low

EPSS

Percentile

94.7%

JSON

Related for CVE-2012-2814

debiancve1 osv2 ubuntucve1 prion1 alpinelinux1 openvas23 suse2 nessus18 veracode6 fedora2 ubuntu1 securityvulns3 debian1 oraclelinux1 amazon1 redhat1 centos1 gentoo1 freebsd1 altlinux1 slackware1