Note:
This project will be discontinued after December 13, 2021. [more]
2019-07-15
jhead 3.03 is affected by: Incorrect Access Control. The impact is: Denial of service. The component is: iptc.c Line 122 show_IPTC(). The attack vector is: the victim must open a specially crafted JPEG file.
Products | Debian_linux, Fedora, Jhead |
Type | Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) |
First patch | - None (likely due to unavailable code) |
Links |
• https://bugzilla.redhat.com/show_bug.cgi?id=1679978
• https://lists.debian.org/debian-lts-announce/2019/12/msg00037.html • https://security.gentoo.org/glsa/202007-17 • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3WVQTORTGQE56XXC6OVHQCSCUGABRMQZ/ • https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YTGUHTJTQ6EKEPDXFSKZKVLUJC4UAPBQ/ |