Home

CVE-2019-9278

Description

In libexif, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege in the media content provider with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112537774

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
3.749

Associated Vulnerability

VulnerabilityOS Platform
library to parse EXIF files (USN-4277-1) libexif12_0.6.21-2ubuntu0.1_i386.debLinux
library to parse EXIF files (USN-4277-1) libexif12_0.6.21-2ubuntu0.1_amd64.debLinux
library to parse EXIF files (USN-4277-1) libexif12_0.6.21-4ubuntu0.1_i386.debLinux
library to parse EXIF files (USN-4277-1) libexif12_0.6.21-4ubuntu0.1_amd64.debLinux
library to parse EXIF files (USN-4277-1) libexif12_0.6.21-5.1ubuntu0.1_i386.debLinux
library to parse EXIF files (USN-4277-1) libexif12_0.6.21-5.1ubuntu0.1_amd64.debLinux
SUSE-SU-2020:0457-1(SUSE Linux Enterprise Desktop 12-SP4 ) libexif-debugsource-0.6.21-8.6.1.x86_64.rpmLinux
SUSE-SU-2020:0457-1(SUSE Linux Enterprise Desktop 12-SP4 ) libexif12-0.6.21-8.6.1.x86_64.rpmLinux
SUSE-SU-2020:0457-1(SUSE Linux Enterprise Desktop 12-SP4 ) libexif12-32bit-0.6.21-8.6.1.x86_64.rpmLinux
SUSE-SU-2020:0457-1(SUSE Linux Enterprise Desktop 12-SP4 ) libexif12-debuginfo-0.6.21-8.6.1.x86_64.rpmLinux
SUSE-SU-2020:0457-1(SUSE Linux Enterprise Desktop 12-SP4 ) libexif12-debuginfo-32bit-0.6.21-8.6.1.x86_64.rpmLinux
SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP4 ) libexif-debugsource-0.6.22-8.9.1.x86_64.rpmLinux
SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP5 ) libexif-debugsource-0.6.22-8.9.1.x86_64_SP5.rpmLinux
SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP5 ) libexif12-0.6.22-8.9.1.x86_64.rpmLinux
SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP4 ) libexif12-0.6.22-8.9.1.x86_64_SP4.rpmLinux
SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP5 ) libexif12-32bit-0.6.22-8.9.1.x86_64.rpmLinux
SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP4 ) libexif12-32bit-0.6.22-8.9.1.x86_64_SP4.rpmLinux
SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP5 ) libexif12-debuginfo-0.6.22-8.9.1.x86_64.rpmLinux
SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP4 ) libexif12-debuginfo-0.6.22-8.9.1.x86_64_SP4.rpmLinux
SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP5 ) libexif12-debuginfo-32bit-0.6.22-8.9.1.x86_64.rpmLinux
SUSE-SU-2020:1534-1(SUSE Linux Enterprise Server 12-SP4 ) libexif12-debuginfo-32bit-0.6.22-8.9.1.x86_64_SP4.rpmLinux
(RHSA-2020:4040) libexif security, bug fix, and enhancement update libexif-0.6.22-1.el7.i686.rpmLinux
(RHSA-2020:4040) libexif security, bug fix, and enhancement update libexif-0.6.22-1.el7.x86_64.rpmLinux
(RHSA-2020:4040) libexif security, bug fix, and enhancement update libexif-devel-0.6.22-1.el7.i686.rpmLinux
(RHSA-2020:4040) libexif security, bug fix, and enhancement update libexif-devel-0.6.22-1.el7.x86_64.rpmLinux
(RHSA-2020:4040) libexif security, bug fix, and enhancement update libexif-doc-0.6.22-1.el7.x86_64.rpmLinux
(RHSA-2020:4766) libexif security, bug fix, and enhancement update libexif-0.6.22-4.el8.i686.rpmLinux
(RHSA-2020:4766) libexif security, bug fix, and enhancement update libexif-0.6.22-4.el8.x86_64.rpmLinux
(RHSA-2020:4766) libexif security, bug fix, and enhancement update libexif-debugsource-0.6.22-4.el8.i686.rpmLinux
(RHSA-2020:4766) libexif security, bug fix, and enhancement update libexif-debugsource-0.6.22-4.el8.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234