ALT-PU-2019-2540-1
Closed vulnerabilities
Published: 2019-07-15
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2019-1010301
jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of service. The component is: gpsinfo.c Line 151 ProcessGpsInfo(). The attack vector is: Open a specially crafted JPEG file.
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1838251
- https://bugs.launchpad.net/ubuntu/+source/jhead/+bug/1838251
- https://bugzilla.redhat.com/show_bug.cgi?id=1679952
- https://bugzilla.redhat.com/show_bug.cgi?id=1679952
- https://launchpadlibrarian.net/435112680/32_crash_in_gpsinfo
- https://launchpadlibrarian.net/435112680/32_crash_in_gpsinfo
- [debian-lts-announce] 20191231 [SECURITY] [DLA 2054-1] jhead security update
- [debian-lts-announce] 20191231 [SECURITY] [DLA 2054-1] jhead security update
- FEDORA-2019-17b95fecd3
- FEDORA-2019-17b95fecd3
- FEDORA-2019-441c2fb0d1
- FEDORA-2019-441c2fb0d1
- GLSA-202007-17
- GLSA-202007-17
Published: 2019-07-15
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2019-1010302
jhead 3.03 is affected by: Incorrect Access Control. The impact is: Denial of service. The component is: iptc.c Line 122 show_IPTC(). The attack vector is: the victim must open a specially crafted JPEG file.
Severity: MEDIUM (5.5)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1679978
- https://bugzilla.redhat.com/show_bug.cgi?id=1679978
- [debian-lts-announce] 20191231 [SECURITY] [DLA 2054-1] jhead security update
- [debian-lts-announce] 20191231 [SECURITY] [DLA 2054-1] jhead security update
- FEDORA-2019-17b95fecd3
- FEDORA-2019-17b95fecd3
- FEDORA-2019-441c2fb0d1
- FEDORA-2019-441c2fb0d1
- GLSA-202007-17
- GLSA-202007-17