12 Fév 2018
CVE-2017-17725 - CVE Vulnerability
In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864, which is an invalid memory address dereference. (CVSS:0.0) (Last Update:2018-02-12)
Vulnerability Details : In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial of service via a crafted image file. Note that this vulnerability is different from CVE-2017-14864, which is an invalid memory address dereference. Publish Date : 2018-02-12 Last Update Date : 2018-02-12 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2017-17725
- References For CVE-2017-17725
| |||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2017-17725There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |