CVE-2019-9278 - log back

CVE-2019-9278 edited at 20 May 2020 22:04:50
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation.
References
+ https://github.com/libexif/libexif/issues/26
+ https://github.com/libexif/libexif/commit/75aa73267fdb1e0ebfbc00369e7312bac43d0566
Notes
CVE-2019-9278 created at 19 May 2020 16:12:27