Exiv2 is prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users.
Exiv2 0.27.2 and prior are vulnerable; other versions may also be affected.
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: vuldb@securityfocus.com.
| Bugtraq ID: | 109117 |
| Class: | Boundary Condition Error |
| CVE: | CVE-2019-13504 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 10 2019 12:00AM |
| Updated: | Jul 10 2019 12:00AM |
| Credit: | Yevgeny |
| Vulnerable: | Exiv2 Exiv2 0.27.2 Exiv2 Exiv2 0.27 Exiv2 Exiv2 0.26 Exiv2 Exiv2 0.24 |
| Not Vulnerable: | |
from SecurityFocus Vulnerabilities https://ift.tt/2G4HsdF
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.