Lucene search

[email protected]CVE-2008-2696

HistoryJun 13, 2008 - 7:41 p.m.

CVE-2008-2696

2008-06-1319:41:00

CWE-189

[email protected]

web.nvd.nist.gov

exiv2

denial of service

cve-2008-2696

metadata

image

security vulnerability

6.2 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.017 Low

EPSS

Percentile

87.5%

JSON

Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to “pretty printing” and the RationalValue::toLong function.

CPENameOperatorVersion
exiv2:exiv2exiv2eq0.16

CPE	Name	Operator	Version
exiv2:exiv2	exiv2	eq	0.16

References

bugzilla.gnome.org/show_bug.cgi?id=524715

dev.robotbattle.com/bugs/view.php?id=0000546

lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html

secunia.com/advisories/30519

secunia.com/advisories/32273

www.exiv2.org/changelog.html

www.mandriva.com/security/advisories?name=MDVSA-2008:119

www.securityfocus.com/bid/29586

www.ubuntu.com/usn/usn-655-1

www.vupen.com/english/advisories/2008/1766/references

exchange.xforce.ibmcloud.com/vulnerabilities/42885

6.2 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.017 Low

EPSS

Percentile

87.5%

JSON

Related for CVE-2008-2696

openvas4 nessus4 securityvulns2 redhatcve1 ubuntucve1 debiancve1 prion1 ubuntu1