Security Advisory

CVE-2019-17402

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-10-09 00:00:00

Last updated 2024-08-05 01:40:15

Assigner mitre

State PUBLISHED

Description

Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in types.cpp when called from Exiv2::Internal::CiffDirectory::readDirectory in crwimage_int.cpp, because there is no validation of the relationship of the total size to the offset and size.

← Browse all CVEs View on cve.org ↗