Oval Definition:oval:org.opensuse.security:def:201714865
Revision Date:2022-05-22Version:1
Title:CVE-2017-14865
Description:

There is a heap-based buffer overflow in the Exiv2::us2Data function of types.cpp in Exiv2 0.26. A Crafted input will lead to a denial of service attack.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-14865
Mitre CVE-2017-14865
SUSE CVE-2017-14865
openSUSE-SU-2017:2818-1
Platform(s):openSUSE Leap 42.2
openSUSE Leap 42.3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12 SP2
Product(s):
Definition Synopsis
  • openSUSE Leap 42.2 is installed
  • AND Package Information
  • exiv2-0.25-7.3.1 is installed
  • AND exiv2 is signed with openSUSE key
  • OR
  • exiv2-lang-0.25-7.3.1 is installed
  • AND exiv2-lang is signed with openSUSE key
  • OR
  • libexiv2-14-0.25-7.3.1 is installed
  • AND libexiv2-14 is signed with openSUSE key
  • OR
  • libexiv2-14-32bit-0.25-7.3.1 is installed
  • AND libexiv2-14-32bit is signed with openSUSE key
  • OR
  • libexiv2-devel-0.25-7.3.1 is installed
  • AND libexiv2-devel is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • exiv2-0.25-10 is installed
  • AND exiv2 is signed with openSUSE key
  • OR
  • exiv2-lang-0.25-10 is installed
  • AND exiv2-lang is signed with openSUSE key
  • OR
  • libexiv2-14-0.25-10 is installed
  • AND libexiv2-14 is signed with openSUSE key
  • OR
  • libexiv2-14-32bit-0.25-10 is installed
  • AND libexiv2-14-32bit is signed with openSUSE key
  • OR
  • libexiv2-devel-0.25-10 is installed
  • AND libexiv2-devel is signed with openSUSE key
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND exiv2 is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • OR SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND exiv2 is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • OR SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND exiv2 is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • OR SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND exiv2 is not affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND exiv2 is not affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND exiv2 is affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND exiv2 is affected
    • BACK