Denial of service in Exiv2



Published: 2018-02-15
Risk: Low
Patch available: YES
Number of vulnerabilities: 3
CVE-ID: CVE-2017-17723, CVE-2017-17722, CVE-2017-17725
CWE-ID: CWE-119
Exploitation vector: Network
Public exploit: Public exploit code for vulnerability #2 is available. Public exploit code for vulnerability #3 is available.
Vulnerable software: Exiv2 (Universal components / Libraries / Libraries used by multiple products)
Vendor: GNU

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Memory corruption

EUVDB-ID: #VU10963

Risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-17723

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated attacker to cause a DoS condition on the target system.

The weakness exists in the Exiv2::Image::byteSwap4 function of image.cpp due to a boundary error. A remote attacker can send a specially crafted TIFF image file, trick the victim into opening it and cause the service to crash.

Mitigation

Cybersecurity is currently unaware of any solutions addressing the vulnerability.

Vulnerable software versions

Exiv2: 0.26

External links

http://github.com/Exiv2/exiv2/issues/229


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Memory corruption

EUVDB-ID: #VU10964

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]

CVE-ID: CVE-2017-17722

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated attacker to cause a DoS condition on the target system.

The weakness exists in the readHeader function of bigtiffimage.cpp due to a boundary error. A remote attacker can send a specially crafted TIFF image file, trick the victim into opening it and cause the service to crash.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Exiv2: 0.26

External links

http://github.com/Exiv2/exiv2/issues/208


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

3) Memory corruption

EUVDB-ID: #VU10965

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]

CVE-ID: CVE-2017-17725

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a remote unauthenticated attacker to cause a DoS condition on the target system.

The weakness exists in the Exiv2::getULong function of types.cpp due to a boundary error. A remote attacker can send a specially crafted image file, trick the victim into opening it and cause the service to crash.
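All three descriptions in this bulletin attribute the crash to a boundary error while parsing crafted image data. As an added illustration of that bug class (not Exiv2 source and not part of the original bulletin), the C++ below contrasts an unchecked 4-byte read with a length-checked one and applies the checked form to a classic TIFF header. All function names and the sample bytes are assumptions constructed for the example.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Illustration of the bug class only; hypothetical names, not Exiv2 source.
// Unchecked form: assumes 4 readable bytes at buf. If the caller derives buf
// from an offset stored in the file, a crafted value reads out of bounds.
static uint32_t readU32Unchecked(const uint8_t* buf, bool littleEndian) {
    return littleEndian
        ? uint32_t(buf[0]) | uint32_t(buf[1]) << 8 | uint32_t(buf[2]) << 16 | uint32_t(buf[3]) << 24
        : uint32_t(buf[0]) << 24 | uint32_t(buf[1]) << 16 | uint32_t(buf[2]) << 8 | uint32_t(buf[3]);
}

// Checked form: the reader knows the buffer length and rejects any offset
// that leaves fewer than 4 bytes; the comparison is written so it cannot wrap.
bool readU32(const std::vector<uint8_t>& data, size_t off, bool littleEndian, uint32_t& out) {
    if (data.size() < 4 || off > data.size() - 4) return false;
    out = readU32Unchecked(data.data() + off, littleEndian);
    return true;
}

// Validates a classic TIFF header (byte order mark, magic 42, first-IFD offset)
// and returns the offset only if the 2-byte IFD entry count lies inside the file.
bool firstIfdOffset(const std::vector<uint8_t>& file, uint32_t& ifd) {
    if (file.size() < 8) return false;
    bool le;
    if (file[0] == 'I' && file[1] == 'I') le = true;
    else if (file[0] == 'M' && file[1] == 'M') le = false;
    else return false;
    unsigned magic = le ? (file[2] | file[3] << 8) : (file[2] << 8 | file[3]);
    if (magic != 42) return false;
    uint32_t off = 0;
    if (!readU32(file, 4, le, off)) return false;
    if (off < 8 || off > file.size() - 2) return false;  // entry count must fit
    ifd = off;
    return true;
}

int main() {
    // Constructed sample: little-endian header whose IFD offset points far past EOF.
    std::vector<uint8_t> crafted = {'I', 'I', 42, 0, 0xF0, 0xFF, 0xFF, 0xFF, 0, 0};
    uint32_t ifd = 0;
    std::printf("crafted header accepted: %s\n", firstIfdOffset(crafted, ifd) ? "yes" : "no");
    return 0;
}
```

The same pattern applies to any parser that follows offsets or counts taken from the file: validate against the real buffer length before dereferencing.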

Mitigation

Install update from vendor's website.

Vulnerable software versions

Exiv2: 0.26

External links

http://github.com/Exiv2/exiv2/issues/188


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.


