Main Vulnerability Database Vulnerabilities #VU36696

Format string error in jhead - CVE-2018-16554

Published: September 16, 2018 / Updated: August 8, 2020

Vulnerability identifier: #VU36696

CSH Severity: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2018-16554

CWE-ID: CWE-134

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
jhead

Software vendor:
www.sentex.net

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAG_GPS_ALT handling.

Remediation

Install update from vendor's website.

External links

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908176
https://lists.debian.org/debian-lts-announce/2019/12/msg00037.html
https://nimo-zhang.github.io/2018/09/07/bug-analysis-1/#more

Format string error in jhead - CVE-2018-16554

Description

Remediation

External links

Please verify you're human