#VU11070 Buffer over-read in Exiv2 - CVE-2017-17724

Cybersecurity Help s.r.o.

Published: 2018-03-14 | Updated: 2019-03-07

Vulnerability identifier: #VU11070

Vulnerability risk: Low

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2017-17724

CWE-ID: CWE-126

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Exiv2
Universal components / Libraries / Libraries used by multiple products

Vendor: GNU

Description
The vulnerability allows an remote unauthenticated attacker to cause DoS on the target system.

The weakness exists in the Exiv2::IptcData::printStructure function due to insufficient validation of user-supplied input. A remote attacker can submit a specially crafted TIFF file, trigger heap-based buffer over-read and cause the service to crash.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Exiv2: 0.23 - 0.26

External links
https://github.com/Exiv2/exiv2/issues/210

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Gentoo update for Exiv2

Denial of service in Exiv2