UbuntuUSN-655-1exiv2 vulnerabilities
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.1 High
AI Score
Confidence
Low
0.021 Low
EPSS
Percentile
89.1%
Releases
- Ubuntu 8.04
- Ubuntu 7.10
- Ubuntu 7.04
Packages
- exiv2 -
Details
Meder Kydyraliev discovered that exiv2 did not correctly handle certain
EXIF headers. If a user or automated system were tricked into processing
a specially crafted image, a remote attacker could cause the application
linked against libexiv2 to crash, leading to a denial of service, or
possibly executing arbitrary code with user privileges. (CVE-2007-6353)
Joakim Bildrulle discovered that exiv2 did not correctly handle Nikon
lens EXIF information. If a user or automated system were tricked into
processing a specially crafted image, a remote attacker could cause the
application linked against libexiv2 to crash, leading to a denial of
service. (CVE-2008-2696)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 8.04 | noarch | libexiv2-2 | < 0.16-3ubuntu1.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | exiv2 | < 0.16-3ubuntu1.1 | UNKNOWN |
| Ubuntu | 8.04 | noarch | libexiv2-dev | < 0.16-3ubuntu1.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | libexiv2-0 | < 0.15-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | exiv2 | < 0.15-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 7.10 | noarch | libexiv2-dev | < 0.15-1ubuntu2.1 | UNKNOWN |
| Ubuntu | 7.04 | noarch | libexiv2-0.12 | < 0.12-0ubuntu2.1 | UNKNOWN |
| Ubuntu | 7.04 | noarch | exiv2 | < 0.12-0ubuntu2.1 | UNKNOWN |
| Ubuntu | 7.04 | noarch | libexiv2-dev | < 0.12-0ubuntu2.1 | UNKNOWN |
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.1 High
AI Score
Confidence
Low
0.021 Low
EPSS
Percentile
89.1%