Vulnerability CVE-2017-12955

Vulnerability Name:

CVE-2017-12955 (CCN-130707)

Assigned:

2017-08-16

Published:

2017-08-16

Updated:

2017-08-22

Summary:

There is a heap-based buffer overflow in basicio.cpp of Exiv2 0.26. The vulnerability causes an out-of-bounds write in Exiv2::Image::printIFDStructure(), which may lead to remote denial of service or possibly unspecified other impact.

CVSS v3 Severity:

8.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
7.7 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

5.5 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)
4.9 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-787
CWE-119

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2017-12955

Source: CCN
Type: Exiv2 Web site
Exiv2

Source: CCN
Type: Red Hat Bugzilla Bug 1482295
There is a heap-buffer-overflow in basicio.cpp of exiv2

Source: MISC
Type: Issue Tracking, Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1482295

Source: XF
Type: UNKNOWN
exiv2-cve201712955-dos(130707)

Vulnerable Configuration:

Configuration 1:

cpe:/a:exiv2:exiv2:0.26:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:exiv2:exiv2:0.26:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201712955	V	CVE-2017-12955	2023-06-22
oval:org.opensuse.security:def:7930	P	libexiv2-27-0.27.5-150400.15.4.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:770	P	Security update for go1.18 (Important)	2022-09-21
oval:org.opensuse.security:def:94050	P	(Important)	2022-07-14
oval:org.opensuse.security:def:3310	P	openssh-7.2p2-74.45.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94940	P	libexiv2-26-0.26-6.8.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:100763	P	(Important)	2022-03-08
oval:org.opensuse.security:def:1695	P	Security update for apache2 (Important)	2022-01-17
oval:org.opensuse.security:def:112209	P	exiv2-0.27.4-1.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:1579	P	Security update for python-pip (Moderate)	2021-12-13
oval:org.opensuse.security:def:67804	P	Security update for the Linux Kernel (Live Patch 24 for SLE 15) (Important)	2021-11-17
oval:org.opensuse.security:def:1223	P	Security update for the Linux Kernel (Important)	2021-11-16
oval:org.opensuse.security:def:105740	P	exiv2-0.27.4-1.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:71144	P	autofs-5.1.3-7.3.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:71257	P	libgd3-2.2.5-4.6.1 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:64557	P	Security update for qemu (Moderate)	2021-08-20
oval:org.opensuse.security:def:47306	P	libIlmImf-Imf_2_1-21-2.1.0-4.3 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48206	P	libthai-data-0.1.25-4.2 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47292	P	jakarta-commons-fileupload-1.1.1-120.113 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47992	P	dnsmasq-2.78-18.9.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47844	P	pam_yubico-2.26-1.25 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47752	P	libopenjp2-7-2.1.0-4.9.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47291	P	iputils-s20121221-2.17 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47620	P	git-core-2.12.3-27.14.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48352	P	yast2-3.2.50-4.7.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:47427	P	libvirt-3.3.0-4.28 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:48290	P	python3-3.4.6-25.29.1 on GA media (Moderate)	2021-08-16
oval:org.opensuse.security:def:101190	P	libexiv2-26-0.26-6.8.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72503	P	libexiv2-26-0.26-6.8.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1951	P	policycoreutils-devel-3.0-1.20 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1949	P	perl-doc-5.26.1-15.87 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1929	P	jython-2.2.1-11.65 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1940	P	osc-0.172.0-3.26.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1935	P	log4j12-javadoc-1.2.17-2.26 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1931	P	libgit2-28-0.28.4-1.28 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1106	P	libpcre1-32bit-8.41-4.20 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62784	P	libexiv2-26-0.26-6.8.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1957	P	xorg-x11-server-sdk-1.20.3-22.5.30.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:48786	P	libdirectfb-1_7-1-32bit-1.7.1-6.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48588	P	pam-1.1.8-14.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48463	P	libXRes1-1.0.7-3.53 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48417	P	fontconfig-2.11.1-7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48447	P	iputils-s20121221-2.17 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:1979	P	reiserfs-kmp-default-4.12.14-23.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48519	P	liblua5_2-5.2.2-4.2 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:1974	P	libopenssl-1_0_0-devel-1.0.2n-1.32 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48927	P	libid3tag0-0.15.1b-184.3.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48446	P	ipsec-tools-0.8.0-15.16 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:48448	P	jakarta-commons-fileupload-1.1.1-120.113 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:1462	P	Security update for java-11-openjdk (Important)	2021-05-11
oval:org.opensuse.security:def:1986	P	ntp-4.2.8p13-4.6.1 on GA media (Moderate)	2021-04-29
oval:org.opensuse.security:def:1984	P	libncurses5-32bit-6.1-5.3.1 on GA media (Moderate)	2021-04-29
oval:org.opensuse.security:def:66730	P	Security update for zstd (Moderate)	2021-04-08
oval:org.opensuse.security:def:69981	P	Security update for screen (Important)	2021-02-17
oval:org.opensuse.security:def:64470	P	Security update for the Linux Kernel (Moderate)	2021-01-14
oval:org.opensuse.security:def:103556	P	libexiv2-26-0.26-6.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:89901	P	libexiv2-26-0.26-6.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62551	P	libexiv2-26-0.26-6.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:107429	P	libexiv2-26-0.26-6.8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72270	P	libexiv2-26-0.26-6.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62668	P	libexiv2-26-0.26-6.8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:49021	P	libnewt0_52-0.52.16-1.83 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:72387	P	libexiv2-26-0.26-6.8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:116987	P	libexiv2-26-0.26-6.8.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:2634	P	Security update for exiv2 (Moderate)	2020-12-02
oval:org.opensuse.security:def:2624	P	Security update for cni, cni-plugins, conmon, fuse-overlayfs, podman (Moderate)	2020-12-02
oval:org.opensuse.security:def:49610	P	PackageKit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49731	P	checkbashisms on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49562	P	libmp3lame-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51069	P	Security update for exiv2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:49658	P	libcairo2-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49495	P	wireshark-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:70086	P	libexiv2-26 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:51007	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:49406	P	gdm on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49175	P	libidn2-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49547	P	libexiv2-26 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73303	P	python3-requests on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49627	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49493	P	vorbis-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:49664	P	libexiv2-26 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:66638	P	tboot on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:67904	P	libexiv2-26 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:73421	P	libexiv2-26 on GA media (Moderate)	2020-12-01
oval:com.ubuntu.artful:def:201712955000	V	CVE-2017-12955 on Ubuntu 17.10 (artful) - low.	2017-08-18
oval:com.ubuntu.bionic:def:201712955000	V	CVE-2017-12955 on Ubuntu 18.04 LTS (bionic) - low.	2017-08-18
oval:com.ubuntu.bionic:def:2017129550000000	V	CVE-2017-12955 on Ubuntu 18.04 LTS (bionic) - low.	2017-08-18
oval:com.ubuntu.trusty:def:201712955000	V	CVE-2017-12955 on Ubuntu 14.04 LTS (trusty) - low.	2017-08-18
oval:com.ubuntu.xenial:def:2017129550000000	V	CVE-2017-12955 on Ubuntu 16.04 LTS (xenial) - low.	2017-08-18
oval:com.ubuntu.xenial:def:201712955000	V	CVE-2017-12955 on Ubuntu 16.04 LTS (xenial) - low.	2017-08-18

BACK