** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

A vulnerability was found in Exiv2. It has been declared as critical. Affected by this vulnerability is the function QuickTimeVideo::decodeBlock of the file quicktimevideo.cpp of the component QuickTime Video Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The name of the patch is d3651fdbd352cbaf259f89abf7557da343339378. It is recommended to apply a patch to fix this issue. The identifier VDB-212497 was assigned to this vulnerability.

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

VulDB AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

VulDB CWE-119

VulDB CWE-120

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50901 [Exploit, Issue Tracking, Third Party Advisory]

https://github.com/Exiv2/exiv2/commit/d3651fdbd352cbaf259f89abf7557da343339378 [Patch, Third Party Advisory]

https://vuldb.com/?id.212497 [Third Party Advisory]

A-No limiting factors

C-No limiting factors

I-No limiting factors

NIST AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

OR
     *cpe:2.3:a:exiv2:exiv2:-:*:*:*:*:*:*:*

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50901 No Types Assigned

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50901 Exploit, Issue Tracking, Third Party Advisory

https://github.com/Exiv2/exiv2/commit/d3651fdbd352cbaf259f89abf7557da343339378 No Types Assigned

https://github.com/Exiv2/exiv2/commit/d3651fdbd352cbaf259f89abf7557da343339378 Patch, Third Party Advisory

https://vuldb.com/?id.212497 No Types Assigned

https://vuldb.com/?id.212497 Third Party Advisory