mirror of
https://github.com/0xMarcio/cve.git
synced 2025-12-30 04:49:42 +00:00
689 B
689 B
CVE-2018-12264
Description
Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp.
POC
Reference
- https://github.com/Exiv2/exiv2/issues/366
- https://github.com/TeamSeri0us/pocs/blob/master/exiv2/2-out-of-read-Poc