Note:
This project will be discontinued after December 13, 2021. [more]
2019-07-15
jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of service. The component is: gpsinfo.c Line 151 ProcessGpsInfo(). The attack vector is: Open a specially crafted JPEG file.
Products | Debian_linux, Fedora, Jhead |
Type | Out-of-bounds Write (CWE-787) |
First patch | - None (likely due to unavailable code) |
Links |
• https://bugzilla.redhat.com/show_bug.cgi?id=1679952
• https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1838251 • https://security.gentoo.org/glsa/202007-17 • https://lists.debian.org/debian-lts-announce/2019/12/msg00037.html • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTGUHTJTQ6EKEPDXFSKZKVLUJC4UAPBQ/ |