Buffer overflow execution vulnerability in riffvideo.cpp in Exiv2 via a long IKEY INFO tag value in an AVI fileID: oval:org.secpod.oval:def:23620 | Date: (C)2015-02-27 (M)2022-09-09 |
Class: VULNERABILITY | Family: unix |
The host is installed with Exiv2 0.24 and is prone to a buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a long IKEY INFO tag value in an AVI file. Successful exploitation allows remote attackers to cause a denial of service (crash).
Platform: |
Red Hat Enterprise Linux 6 |
Red Hat Enterprise Linux 7 |
Red Hat Enterprise Linux 5 |