CVE-2005-0406
MEDIUMimage_processing - Information Exposure via Unmodified EXIF Thumbnail
Title source: llmDescription
A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.
References (2)
Core 2
Core References
Exploit, Vendor Advisory x_refsource_misc
http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt
Mailing List, Third Party Advisory mailing-list
x_refsource_fulldisc
http://seclists.org/lists/fulldisclosure/2005/Feb/0343.html
Scores
CVSS v3
5.5
EPSS
0.0046
EPSS Percentile
36.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-212
Status
published
Products (1)
image_processing_project/image_processing
Published
Feb 14, 2005
Tracked Since
Feb 18, 2026