Oval Definition:oval:org.opensuse.security:def:201714857
Revision Date:2022-05-22Version:1
Title:CVE-2017-14857
Description:

In Exiv2 0.26, there is an invalid free in the Image class in image.cpp that leads to a Segmentation fault. A crafted input will lead to a denial of service attack.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2017-14857
SUSE CVE-2017-14857
Platform(s):SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP3
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND exiv2 is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND exiv2 is not affected
  • OR Package Information
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND exiv2 is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • OR SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND exiv2 is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • OR SUSE Linux Enterprise Server 12 SP2 is installed
  • OR SUSE Linux Enterprise Server 12 SP3 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP3 is installed
  • AND exiv2 is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • OR SUSE Linux Enterprise Server 12 SP3 is installed
  • AND exiv2 is not affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND exiv2 is not affected
    • BACK