The remote SUSE Linux SLES12 / SLES_SAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4252-1 advisory.

  - There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2     0.27-RC3. A crafted input will lead to a remote denial of service attack. (CVE-2018-20097)

  - A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attacker to     cause a denial of service (crash due to an std::bad_alloc exception) via a crafted PNG image file.
    (CVE-2019-13112)

  - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata     of image files. A heap buffer overflow was found in Exiv2 versions v0.27.3 and earlier. The heap overflow     is triggered when Exiv2 is used to write metadata into a crafted image file. An attacker could potentially     exploit the vulnerability to gain code execution, if they can trick the victim into running Exiv2 on a     crafted image file. Note that this bug is only triggered when _writing_ the metadata, which is a less     frequently used Exiv2 operation than _reading_ the metadata. For example, to trigger the bug in the Exiv2     command-line application, you need to add an extra command-line argument such as `insert`. The bug is     fixed in version v0.27.4. (CVE-2021-29457)

  - Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and     ICC image metadata. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. Exiv2 is a     command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image     files. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file.
    An attacker could potentially exploit the vulnerability to cause a denial of service by crashing Exiv2, if     they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered     when writing the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For     example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line     argument such as `insert`. The bug is fixed in version v0.27.4. Please see our security policy for     information about Exiv2 security. (CVE-2021-29473)

  - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata     of image files. The assertion failure is triggered when Exiv2 is used to modify the metadata of a crafted     image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they     can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when     modifying the metadata, which is a less frequently used Exiv2 operation than reading the metadata. For     example, to trigger the bug in the Exiv2 command-line application, you need to add an extra command-line     argument such as `fi`. ### Patches The bug is fixed in version v0.27.5. ### References Regression test and     bug fix: #1739 ### For more information Please see our [security     policy](https://github.com/Exiv2/exiv2/security/policy) for information about Exiv2 security.
    (CVE-2021-32815)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

SUSE SLES12 Security Update : exiv2 (SUSE-SU-2022:4252-1)

high Nessus Plugin ID 168254

Version 1.8

Version 1.7

Version 1.6

Version 1.5

Version 1.4

Version 1.3

Version 1.2

Version 1.8 Nov 9, 2023, 5:53 PM CVSS metrics ("CVSSv3 score" set to 7.8. "CVSSv3 vector" set to "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H") Plugin Feed: 202311091753
Version 1.7 Nov 8, 2023, 3:41 PM CVSSv2 score source (changed from "CVE-2021-31291" to "CVE-2021-29457") Plugin Feed: 202311081541
Version 1.6 Aug 2, 2023, 10:14 PM Plugin metadata Plugin Feed: 202308022214
Version 1.5 Jul 14, 2023, 4:28 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:POC/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:P/RL:O/RC:C") Detection Plugin metadata Plugin Feed: 202307141628
Version 1.4 Jul 12, 2023, 5:37 PM Detection Plugin Feed: 202307121737
Version 1.3 Mar 10, 2023, 5:10 PM Logic Changes (Added support for additional SUSE Platforms) Plugin Feed: 202303101710
Version 1.2 Nov 29, 2022, 1:45 PM New Plugin Feed: 202211291345