Lucene search

K
ubuntucveUbuntu.comUB:CVE-2012-2840
HistoryJul 13, 2012 - 12:00 a.m.

CVE-2012-2840

2012-07-1300:00:00
ubuntu.com
ubuntu.com
13

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.088

Percentile

94.6%

Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c
in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote
attackers to cause a denial of service or possibly execute arbitrary code
via crafted EXIF tags in an image.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchlibexif< 0.6.16-2.1ubuntu0.2UNKNOWN
ubuntu10.04noarchlibexif< 0.6.19-1ubuntu0.1UNKNOWN
ubuntu11.04noarchlibexif< 0.6.20-0ubuntu1.1UNKNOWN
ubuntu11.10noarchlibexif< 0.6.20-1ubuntu0.1UNKNOWN
ubuntu12.04noarchlibexif< 0.6.20-2ubuntu0.1UNKNOWN

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

EPSS

0.088

Percentile

94.6%