Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Heap-buffer-overflow in jhead
Vulnerability Description
JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead-3.04/jpgfile.c:285 ReadJpegSections. Crafted jpeg images can be provided to the user resulting in a program crash or potentially incorrect exif information retrieval. Users are advised to upgrade. There is no known workaround for this issue.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
N/A
Vulnerability Title
jhead 缓冲区错误漏洞
Vulnerability Description
jhead是一款用于修改JPEG文件信息的工具。 JHEAD 中存在缓冲区错误漏洞,该漏洞源于的jpgfile.c:285 ReadJpegSections函数在处理JPEG图片时未能正确处理内存边界。攻击者可通过该漏洞导致程序崩溃或可能不正确的exif信息检索。
CVSS Information
N/A
Vulnerability Type
N/A