CVE-2005-0406

MEDIUM5.5

A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image

Published Feb 16, 2005

Modified 1 years ago

No fix available

Details

A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.

References

WEBhttp://seclists.org/lists/fulldisclosure/2005/Feb/0343.html WEBhttp://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2005-0406

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

NoneI:N

Availability

NoneA:N

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Ecosystems

Timeline

PublishedFeb 16, 2005

ModifiedAug 7, 2024