CVE-2021-3496 log

Source
Severity Medium
Remote No
Type Arbitrary code execution
Description
A heap-based buffer overflow was found in jhead before version 3.06.0.1 in Get16u() in exif.c when processing a crafted file.
Group Package Affected Fixed Severity Status Ticket
AVG-1815 jhead 3.04-1 Medium Vulnerable
References
https://bugzilla.redhat.com/show_bug.cgi?id=1949245
https://github.com/Matthias-Wandel/jhead/issues/33
https://github.com/Matthias-Wandel/jhead/files/6300939/jhead_poc.zip
https://github.com/Matthias-Wandel/jhead/commit/ca2973f4ce79279c15a09cf400648a757c1721b0