Skip to main content

Libexif CVE-2020-12767

MEDIUM
Divide By Zero (CWE-369)
2020-05-09 cve@mitre.org
5.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
May 09, 2020 - 21:15 nvd
MEDIUM 5.5

DescriptionNVD

exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.

AnalysisAI

exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-369. exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error. Affected products include: Libexif Project Libexif, Debian Debian Linux, Canonical Ubuntu Linux, Opensuse Leap.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2017-7544 CRITICAL POC
9.1 Sep 21

libexif through 0.6.21 is vulnerable to out-of-bounds heap read vulnerability in exif_data_save_data_entry function in l

CVE-2020-13112 CRITICAL
9.1 May 21

An issue was discovered in libexif before 0.6.22. Rated critical severity (CVSS 9.1), this vulnerability is remotely exp

CVE-2012-2841 HIGH
7.5 Jul 13

Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6

CVE-2012-2814 HIGH
7.5 Jul 13

Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.

CVE-2020-13113 HIGH
8.2 May 21

An issue was discovered in libexif before 0.6.22. Rated high severity (CVSS 8.2), this vulnerability is remotely exploit

CVE-2012-2840 HIGH
7.5 Jul 13

Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif

CVE-2020-0198 HIGH
7.5 Jun 11

In exif_data_load_data_content of exif-data.c, there is a possible UBSAN abort due to an integer overflow. Rated high se

CVE-2020-0181 HIGH
7.5 Jun 11

In exif_data_load_data_thumbnail of exif-data.c, there is a possible denial of service due to an integer overflow. Rated

CVE-2020-13114 HIGH
7.5 May 21

An issue was discovered in libexif before 0.6.22. Rated high severity (CVSS 7.5), this vulnerability is remotely exploit

CVE-2026-32775 HIGH
7.4 Mar 16

Integer underflow in libexif 0.6.25 and earlier allows local attackers to overwrite memory via crafted MakerNote EXIF da

CVE-2012-2836 MEDIUM
6.4 Jul 13

The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remot

CVE-2012-2812 MEDIUM
6.4 Jul 13

The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows rem

Share

CVE-2020-12767 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy