There is a heap-based buffer overflow in the Image::printIFDStructure
function of image.cpp in Exiv2 0.26. A Crafted input will lead to a
remote denial of service attack.
Bug report (with reproducer):
Created exiv2 tracking bugs for this issue:
Affects: fedora-all [bug 1474340]
This issue did not affect the versions of exiv2 as shipped with Red Hat Enterprise Linux 6 and 7.