CVE-2020-0452 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Arbitrary code execution |
Description | In libexif before version 0.6.23, in exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interaction is not needed for exploitation. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-2376 | libexif | 0.6.22-1 | 0.6.23-1 | Medium | Fixed |