Lucene search

K

MitreCVELIST:CVE-2018-12264

HistoryJun 13, 2018 - 11:00 a.m.

CVE-2018-12264

2018-06-1311:00:00

mitre

www.cve.org

6.5 Medium

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.0%

Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp.

References

lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html

access.redhat.com/errata/RHSA-2019:2101

github.com/Exiv2/exiv2/issues/366

github.com/TeamSeri0us/pocs/blob/master/exiv2/2-out-of-read-Poc

lists.debian.org/debian-lts-announce/2018/06/msg00010.html

security.gentoo.org/glsa/201811-14

usn.ubuntu.com/3700-1/

www.debian.org/security/2018/dsa-4238

6.5 Medium

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.0%

Related for CVELIST:CVE-2018-12264

redhatcve1 ubuntucve2 nvd1 osv3 veracode1 prion1 cve1 debiancve1 nessus20 openvas11 suse2 debian2 ubuntu1 fedora2 gentoo1 oraclelinux1 amazon1 redhat1 centos1