CVE-2018-9304

MEDIUM

Exiv2 < 0.26 - Divide By Zero

Title source: rule
STIX 2.1

Description

In Exiv2 0.26, a divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp could result in denial of service.

References (3)

Core 3
Core References
Exploit, Issue Tracking, Patch x_refsource_misc
https://github.com/Exiv2/exiv2/issues/262
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201811-14

Scores

CVSS v3 6.5
EPSS 0.0046
EPSS Percentile 63.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

CWE
CWE-369
Status published
Products (1)
exiv2/exiv2 < 0.26
Published Apr 04, 2018
Tracked Since Feb 18, 2026