CVE Vulnerabilities

CVE-2018-16554

Use of Externally-Controlled Format String

Published: Sep 16, 2018 | Modified: Nov 21, 2024
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
LOW

The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAG_GPS_ALT handling.

Weakness

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

Affected Software

Name Vendor Start Version End Version
Jhead Jhead_project 3.00 (including) 3.00 (including)
Jhead Ubuntu bionic *
Jhead Ubuntu cosmic *
Jhead Ubuntu esm-apps/bionic *
Jhead Ubuntu esm-apps/xenial *
Jhead Ubuntu esm-infra-legacy/trusty *
Jhead Ubuntu trusty *
Jhead Ubuntu trusty/esm *
Jhead Ubuntu upstream *
Jhead Ubuntu xenial *

Potential Mitigations

References