Exiv2 - Corrupted EXIF Data Denial of Service

EDB-ID:

27140




Platform:

Multiple

Date:

2006-01-26


source: https://www.securityfocus.com/bid/16400/info

Exiv2 is susceptible to a denial-of-service vulnerability. This issue is due to the application's failure to properly bounds-check user-supplied input data before attempting to read it, resulting in an out-of-bounds memory access crash.

This issue allows attackers to crash applications that use the affected library to process malicious image data. Depending on the nature of applications, this may be local or remote in nature.

This issue is present in Exiv2 versions prior to 0.9.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/27140.jpg