Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2012-2840
HistoryJul 13, 2012 - 10:34 a.m.

CVE-2012-2840

2012-07-1310:34:00
CWE-189
[email protected]
web.nvd.nist.gov
61
cve-2012-2840
exif
tag parsing library
libexif
denial of service
remote attackers
arbitrary code
image security
nvd

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.085 Low

EPSS

Percentile

94.3%

JSON

Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.

Related

osv 2
alpinelinux 1
prion 1
ubuntucve 1
debiancve 1
fedora 2
nessus 17
openvas 21
veracode 6
ubuntu 1
suse 1
redhat 1
centos 1
oraclelinux 1
securityvulns 3
amazon 1
debian 1
altlinux 1
slackware 1
gentoo 1
freebsd 1
osv
osv
CVE-2012-2840
2012-07-13 10:34:00
libexif - several
2012-10-11 00:00:00
alpinelinux
alpinelinux
CVE-2012-2840
2012-07-13 10:34:00
prion
prion
Code injection
2012-07-13 10:34:00
ubuntucve
ubuntucve
CVE-2012-2840
2012-07-13 00:00:00
debiancve
debiancve
CVE-2012-2840
2012-07-13 10:34:00
fedora
fedora
[SECURITY] Fedora 17 Update: libexif-0.6.21-2.fc17
2013-02-08 02:34:57
[SECURITY] Fedora 16 Update: libexif-0.6.21-2.fc16
2013-02-08 02:14:42
nessus
nessus
Mandriva Linux Security Advisory : libexif (MDVSA-2012:106)
2012-09-06 00:00:00
Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : libexif vulnerabilities (USN-1513-1)
2012-07-24 00:00:00
Debian DSA-2559-1 : libexif - several vulnerabilities
2012-10-18 00:00:00
openvas
openvas
CentOS Update for libexif CESA-2012:1255 centos5
2012-09-17 00:00:00
Amazon Linux: Security Advisory (ALAS-2012-126)
2015-09-08 00:00:00
RedHat Update for libexif RHSA-2012:1255-01
2012-09-17 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 04:43:08
Arbitrary Code Execution And Denial Of Service (DoS)
2019-05-02 04:43:08
Heap-Based Buffer Overflow
2019-05-02 04:43:08
ubuntu
ubuntu
libexif vulnerabilities
2012-07-23 00:00:00
suse
suse
Security update for libexif (important)
2012-07-23 19:08:44
redhat
redhat
(RHSA-2012:1255) Moderate: libexif security update
2012-09-11 00:00:00
centos
centos
libexif security update
2012-09-11 18:50:44
oraclelinux
oraclelinux
libexif security update
2012-09-11 00:00:00
securityvulns
securityvulns
[ MDVSA-2012:106 ] libexif
2012-07-16 00:00:00
libexif project security advisory July 12, 2012
2012-07-23 00:00:00
libexif / exif multiple security vulnerabilities
2012-07-23 00:00:00
amazon
amazon
Medium: libexif
2012-09-22 21:36:00
debian
debian
[SECURITY] [DSA 2559-1] libexif security update
2012-10-17 18:45:06
altlinux
altlinux
Security fix for the ALT Linux 7 package libexif version 0.6.21-alt1
2012-10-27 00:00:00
slackware
slackware
[slackware-security] libexif
2012-07-18 17:04:40
gentoo
gentoo
libexif, exif: Multiple vulnerabilities
2014-01-19 00:00:00
freebsd
freebsd
libexif -- multiple remote vulnerabilities
2012-07-12 00:00:00

7.5 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.085 Low

EPSS

Percentile

94.3%

JSON
Related for CVE-2012-2840
osv2alpinelinux1prion1ubuntucve1debiancve1fedora2nessus17openvas21veracode6ubuntu1suse1redhat1centos1oraclelinux1securityvulns3amazon1debian1altlinux1slackware1gentoo1freebsd1