Integer Overflow Vulnerability in Exiv2 0.26's LoaderTiff::getData() in preview.cpp

Integer Overflow Vulnerability in Exiv2 0.26's LoaderTiff::getData() in preview.cpp

CVE-2018-12264 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Exiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp.

Learn more about our Web Application Penetration Testing UK.