CVE-2024-42851

Buffer Overflow vulnerability in open source exiftags v.1.01 allows a local attacker to execute arbitrary code via the paresetag function.
References
Link Resource
https://github.com/T1anyang/fuzzing/tree/main/exiftags Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:aertherwide:exiftags:*:*:*:*:*:*:*:*

History

30 Aug 2024, 15:30

Type Values Removed Values Added
References () https://github.com/T1anyang/fuzzing/tree/main/exiftags - () https://github.com/T1anyang/fuzzing/tree/main/exiftags - Exploit, Third Party Advisory
CWE CWE-787
First Time Aertherwide
Aertherwide exiftags
CVSS v2 : unknown
v3 : 8.4
v2 : unknown
v3 : 7.8
CPE cpe:2.3:a:aertherwide:exiftags:*:*:*:*:*:*:*:*

28 Aug 2024, 20:15

Type Values Removed Values Added
References
  • {'url': 'https://github.com/T1anyang/fuzzing/blob/main/exiftags/crash.md', 'source': 'cve@mitre.org'}
  • () https://github.com/T1anyang/fuzzing/tree/main/exiftags -
Summary
  • (es) La vulnerabilidad de desbordamiento de búfer en exiftags de código abierto v.1.01 permite a un atacante local ejecutar código arbitrario a través de la función paresetag.

27 Aug 2024, 19:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.4
CWE CWE-122

27 Aug 2024, 18:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-27 18:15

Updated : 2024-08-30 15:30


NVD link : CVE-2024-42851

Mitre link : CVE-2024-42851

CVE.ORG link : CVE-2024-42851


JSON object : View

Products Affected

aertherwide

  • exiftags
CWE
CWE-787

Out-of-bounds Write

CWE-122

Heap-based Buffer Overflow