CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-9144

An issue was discovered in Exiv2 0.27. There is infinite recursion at BigTiffImage::printIFD in the file bigtiffimage.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 80.1%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

http://www.securityfocus.com/bid/107161
https://github.com/Exiv2/exiv2/issues/712
https://research.loginsoft.com/bugs/uncontrolled-recursion-loop-in-exiv2anonymous-namespacebigtiffimageprintifd-exiv2-0-27/
http://www.securityfocus.com/bid/107161
https://github.com/Exiv2/exiv2/issues/712
https://research.loginsoft.com/bugs/uncontrolled-recursion-loop-in-exiv2anonymous-namespacebigtiffimageprintifd-exiv2-0-27/

Products affected by CVE-2019-9144

Exiv2 » Exiv2 » Version: 0.27

cpe:2.3:a:exiv2:exiv2:0.27

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-9144

Products

Pricing

Contact Us