PT-2019-5083 · None+6 · Libexif+6

Msmeissn

Publicado

2019-09-27

Atualizado

2024-06-15

CVE-2019-9278

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions libexif (affected versions not specified) Android versions Android-10

Description The issue is caused by an integer overflow in the libexif library, which is used for parsing EXIF files. This could allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. The vulnerability may lead to remote escalation of privilege in the media content provider. User interaction is required for exploitation.

Recommendations For libexif, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Android versions Android-10, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption

Integer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787CWE-190

Identificadores relacionados

ALT-PU-2020-2019

ALT-PU-2020-2723

BDU:2020-01749

CESA-2020_4040

CESA-2020_4766

CVE-2019-9278

DLA-2100-1

DSA-4618-1

MGASA-2019-0331

OESA-2022-2006

OESA-2022-2008

OPENSUSE-SU-2020:0264-1

OPENSUSE-SU-2020:0793-1

OPENSUSE-SU-2020_0264-1

OPENSUSE-SU-2020_0793-1

OPENSUSE-SU-2024:10939-1

RHSA-2020:4040

RHSA-2020:4766

RHSA-2020_4040

RHSA-2020_4766

SUSE-SU-2020:0457-1

SUSE-SU-2020:0458-1

SUSE-SU-2020:14294-1

SUSE-SU-2020:1534-1

SUSE-SU-2020:1553-1

SUSE-SU-2020:1553-2

SUSE-SU-2020_1534-1

SUSE-SU-2020_1553-1

SUSE-SU-2020_1553-2

USN-4277-1

Produtos afetados

Alt Linux

Android

Centos

Red Hat

Suse

Ubuntu

Libexif

PT-2019-5083 · None+6 · Libexif+6

CVE-2019-9278

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 86