Red Hat Bugzilla – Bug 1474329
CVE-2017-11339 exiv2: Heap-based buffer overflow in the Image::printIFDStructure
Last modified: 2017-08-23 07:06:10 EDT
There is a heap-based buffer overflow in the Image::printIFDStructure
function of image.cpp in Exiv2 0.26. A Crafted input will lead to a
remote denial of service attack.
Bug report (with reproducer):
Created exiv2 tracking bugs for this issue:
Affects: fedora-all [bug 1474340]
This issue did not affect the versions of exiv2 as shipped with Red Hat Enterprise Linux 6 and 7.