CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
88.8%
Meder Kydyraliev discovered that exiv2 did not correctly handle certain
EXIF headers. If a user or automated system were tricked into processing
a specially crafted image, a remote attacker could cause the application
linked against libexiv2 to crash, leading to a denial of service, or
possibly executing arbitrary code with user privileges. (CVE-2007-6353)
Joakim Bildrulle discovered that exiv2 did not correctly handle Nikon
lens EXIF information. If a user or automated system were tricked into
processing a specially crafted image, a remote attacker could cause the
application linked against libexiv2 to crash, leading to a denial of
service. (CVE-2008-2696)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 8.04 | noarch | libexiv2-2 | < 0.16-3ubuntu1.1 | UNKNOWN |
Ubuntu | 8.04 | noarch | exiv2 | < 0.16-3ubuntu1.1 | UNKNOWN |
Ubuntu | 8.04 | noarch | libexiv2-dev | < 0.16-3ubuntu1.1 | UNKNOWN |
Ubuntu | 7.10 | noarch | libexiv2-0 | < 0.15-1ubuntu2.1 | UNKNOWN |
Ubuntu | 7.10 | noarch | exiv2 | < 0.15-1ubuntu2.1 | UNKNOWN |
Ubuntu | 7.10 | noarch | libexiv2-dev | < 0.15-1ubuntu2.1 | UNKNOWN |
Ubuntu | 7.04 | noarch | libexiv2-0.12 | < 0.12-0ubuntu2.1 | UNKNOWN |
Ubuntu | 7.04 | noarch | exiv2 | < 0.12-0ubuntu2.1 | UNKNOWN |
Ubuntu | 7.04 | noarch | libexiv2-dev | < 0.12-0ubuntu2.1 | UNKNOWN |