CVE-2008-2696

Published: 13 June 2008

Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to "pretty printing" and the RationalValue::toLong function.

Priority

Low

Status

Package Release Status
exiv2
Launchpad, Ubuntu, Debian
Upstream
Released (0.17.1-1)
Patches:
Upstream: http://dev.robotbattle.com/cgi-bin/viewvc.cgi/exiv2/trunk/src/nikonmn.cpp?r1=1398&r2=1399