CVE-2017-17724
exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in src/iptc.cpp
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a denial of service via a crafted TIFF file.
En Exiv2 hay una sobrelectura de búfer basada en memoria dinámica (heap) en la función Exiv2::IptcData::printStructure en iptc.cpp, relacionada con el caso "!= 0x1c". Los atacantes remotos podrían explotar esta vulnerabilidad para provocar una denegación de servicio (DoS) mediante un archivo TIFF manipulado.
An integer underflow, leading to heap-based out-of-bound read, was found in the way Exiv2 library prints IPTC Photo Metadata embedded in an image. By persuading a victim to open a crafted image, a remote attacker could crash the application or possibly retrieve a portion of memory.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-12-17 CVE Reserved
- 2018-02-12 CVE Published
- 2023-07-08 EPSS Updated
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| https://github.com/Exiv2/exiv2/issues/263 | X_refsource_misc | |
| https://github.com/xiaoqx/pocs/blob/master/exiv2/readme.md | X_refsource_misc |
| URL | Date | SRC |
|---|---|---|
| https://bugzilla.redhat.com/show_bug.cgi?id=1524107 | 2024-08-05 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2019:2101 | 2019-10-03 | |
| https://security.gentoo.org/glsa/201811-14 | 2019-10-03 | |
| https://access.redhat.com/security/cve/CVE-2017-17724 | 2019-08-06 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1545237 | 2019-08-06 |