CVE-2017-9239
26.05.2017, 10:29
An issue was discovered in Exiv2 0.26. When the data structure of the structure ifd is incorrect, the program assigns pValue_ to 0x0, and the value of pValue() is 0x0. TiffImageEntry::doWriteImage will use the value of pValue() to cause a segmentation fault. To exploit this vulnerability, someone must open a crafted tiff file.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| exiv2 | exiv2 | 0.26 |
| canonical | ubuntu_linux | 14.04 |
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.04 |
| canonical | ubuntu_linux | 18.10 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libexiv2-26 |
| ||||||||||||||||||||||||||||||||||||||||||
| libexiv2-27 |
| ||||||||||||||||||||||||||||||||||||||||||
| libexiv2-devel |
| ||||||||||||||||||||||||||||||||||||||||||
| libexiv2-xmp-static |
|
Common Weakness Enumeration
References