Skip to main content

Jhead CVE-2018-17088

HIGH
Integer Overflow or Wraparound (CWE-190)
2018-09-16 cve@mitre.org
7.8
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
7.8 HIGH
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Sep 16, 2018 - 17:29 nvd
HIGH 7.8

DescriptionNVD

The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is an integer overflow during a check for whether a location exceeds the EXIF data length. This is analogous to the CVE-2016-3822 integer overflow in exif.c. This gpsinfo.c vulnerability is unrelated to the CVE-2018-16554 gpsinfo.c vulnerability.

AnalysisAI

The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Integer Overflow (CWE-190), which allows attackers to cause unexpected behavior through arithmetic overflow. The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is an integer overflow during a check for whether a location exceeds the EXIF data length. This is analogous to the CVE-2016-3822 integer overflow in exif.c. This gpsinfo.c vulnerability is unrelated to the CVE-2018-16554 gpsinfo.c vulnerability. Affected products include: Jhead Project Jhead.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate arithmetic operations, use safe integer libraries, check bounds before allocation.

More in Jhead

View all
CVE-2022-41751 HIGH POC
7.8 Oct 17

Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the r

CVE-2021-3496 HIGH POC
7.8 Apr 22

A heap-based buffer overflow was found in jhead in version 3.06 in Get16u() in exif.c when processing a crafted file. Ra

CVE-2018-16554 HIGH POC
7.8 Sep 16

The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service

CVE-2020-6625 HIGH POC
7.1 Jan 09

jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c. Rated high

CVE-2020-6624 HIGH POC
7.1 Jan 09

jhead through 3.04 has a heap-based buffer over-read in process_DQT in jpgqguess.c. Rated high severity (CVSS 7.1), this

CVE-2019-19035 MEDIUM POC
5.5 Nov 17

jhead 3.03 is affected by: heap-based buffer over-read. Rated medium severity (CVSS 5.5), this vulnerability is no authe

CVE-2019-1010302 MEDIUM POC
5.5 Jul 15

jhead 3.03 is affected by: Incorrect Access Control. Rated medium severity (CVSS 5.5), this vulnerability is no authenti

CVE-2019-1010301 MEDIUM POC
5.5 Jul 15

jhead 3.03 is affected by: Buffer Overflow. Rated medium severity (CVSS 5.5), this vulnerability is no authentication re

CVE-2018-6612 MEDIUM
5.5 Feb 04

An integer underflow bug in the process_EXIF function of the exif.c file of jhead 3.00 raises a heap-based buffer over-r

CVE-2025-44906 HIGH POC
7.8 May 30

jhead v3.08 was discovered to contain a heap-use-after-free via the ProcessFile function at jhead.c. Rated high severity

Share

CVE-2018-17088 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy