CVE-2014-9449 on Ubuntu 14.04 LTS (trusty) - medium.
Description:
Buffer overflow in the RiffVideo::infoTagsHandler function in riffvideo.cpp in Exiv2 0.24 allows remote attackers to cause a denial of service (crash) via a long IKEY INFO tag value in an AVI file.