In the DataBuf class in include/exiv2/types.hpp in Exiv2 0.26, an issue exists in the constructor with an initial buffer size. A large size value may lead to a SIGABRT during an attempt at memory allocation. NOTE: some third parties have been unable to reproduce the SIGABRT when using the 4-DataBuf-abort-1 PoC file.
En la clase DataBuf en include/exiv2/types.hpp en Exiv2 0.26, existe un problema en el constructor con un tamaño de búfer inicial. Un valor de tamaño grande puede desembocar en un SIGABRT durante un intento de asignación de memoria. NOTA: ciertos terceros no han podido reproducir el SIGABRT al emplear el archivo PoC 4-DataBuf-abort-1.
Multiple vulnerabilities have been found in Exiv2, the worst of which could result in a Denial of Service condition. Versions less than 0.26_p20180811-r3 are affected.
