Name of the Vulnerable Software and Affected Versions Exiv2 version 0.24

Description The issue is related to a buffer overflow in the RiffVideo::infoTagsHandler function, which can be triggered by a long IKEY INFO tag value in an AVI file, potentially causing a denial of service (crash).

Recommendations For Exiv2 version 0.24, as a temporary workaround, consider disabling the processing of IKEY INFO tags in AVI files until a patch is available.