CVE-2005-4676
EPSS 12.8%
Description
A buffer overflow exists in Andreas Huggel Exiv2 before 0.9 because it does not null-terminate strings before calling the sscanf function. This allows remote attackers to cause a denial of service (application crash) via images with crafted IPTC metadata.
How to fix CVE-2005-4676
To remediate CVE-2005-4676, upgrade the affected package to the fixed version listed below.
- Debian/exiv2: upgrade to 0.9 or later
Is CVE-2005-4676 being exploited?
Moderate: EPSS is 12.8%. Track this CVE, but it is not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 0.9