Name of the Vulnerable Software and Affected Versions Exiv2 version 0.27-RC2

Description The issue allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and application crash, via a crafted file. This is related to the Exiv2::isoSpeed function in easyaccess.cpp.

Recommendations For Exiv2 version 0.27-RC2, consider avoiding the use of crafted files that may trigger the denial of service until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.