A buffer overflow flaw was found in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 version 0.24. This flaw could allow remote attackers to cause a denial of service (application crash) via a long IKEY INFO tag value in an AVI file. Note that only version 0.24 is affected by this flaw. The patch for this issue is available at [2]. A reproduces is also available in comment #1 in [1]. [1] http://dev.exiv2.org/issues/960 [2] http://dev.exiv2.org/projects/exiv2/repository/diff?rev=3264&rev_to=3263
Created exiv2 tracking bugs for this issue: Affects: fedora-21 [bug 1178909]
exiv2-0.24-4.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.