CVE-2008-2696
Published: 13 June 2008
Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to "pretty printing" and the RationalValue::toLong function.
Priority
Status
Package | Release | Status |
---|---|---|
exiv2 Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
feisty |
Released
(0.12-0ubuntu2.1)
|
|
gutsy |
Released
(0.15-1ubuntu2.1)
|
|
hardy |
Released
(0.16-3ubuntu1.1)
|
|
intrepid |
Not vulnerable
(0.17-1ubuntu1)
|
|
jaunty |
Not vulnerable
(0.17-1ubuntu1)
|
|
karmic |
Not vulnerable
(0.17-1ubuntu1)
|
|
upstream |
Released
(0.17.1-1)
|
|
Patches: upstream: http://dev.robotbattle.com/cgi-bin/viewvc.cgi/exiv2/trunk/src/nikonmn.cpp?r1=1398&r2=1399 |