CVE-2020-18774

Name of the Vulnerable Software and Affected Versions Exiv2 version 0.27.99.0

Description The issue is related to a float point exception in the printLong function in tags int.cpp, which can be exploited by attackers to cause a denial of service (DOS) via a crafted tif file. This is due to a lack of division by zero checking, allowing a remote attacker to disrupt service using a specially crafted file.

Recommendations For Exiv2 version 0.27.99.0, consider disabling the printLong function in tags int.cpp as a temporary workaround until a patch is available. Restrict access to handling tif files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.