Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-9449

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-9449
Last Modified 17 Apr 2015 09:59:43
Published 02 Jan 2015 03:59:08
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-9449

Summary

Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service (crash) via a long IKEY INFO tag value in an AVI file.

Vulnerable Systems

Application

  • Exiv2 0.24


References

SECUNIA - 61801

CONFIRM - http://dev.exiv2.org/projects/exiv2/repository/diff?rev=3264&rev_to=3263

CONFIRM - http://dev.exiv2.org/issues/960

FEDORA - FEDORA-2015-0301


Last Updated: 27 May 2016 11:07:26