{"id":"PYSEC-2008-11","details":"Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to \"pretty printing\" and the RationalValue::toLong function.","modified":"2025-10-09T05:15:29.951129Z","published":"2008-06-13T19:41:00Z","withdrawn":"2024-11-22T04:37:03Z","references":[{"type":"EVIDENCE","url":"http://bugzilla.gnome.org/show_bug.cgi?id=524715"},{"type":"WEB","url":"http://dev.robotbattle.com/bugs/view.php?id=0000546"},{"type":"WEB","url":"http://www.exiv2.org/changelog.html"},{"type":"WEB","url":"http://www.securityfocus.com/bid/29586"},{"type":"ADVISORY","url":"http://secunia.com/advisories/30519"},{"type":"ADVISORY","url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:119"},{"type":"ADVISORY","url":"http://secunia.com/advisories/32273"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/usn-655-1"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html"},{"type":"ADVISORY","url":"http://www.vupen.com/english/advisories/2008/1766/references"},{"type":"WEB","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/42885"}],"affected":[{"package":{"name":"exiv2","ecosystem":"PyPI","purl":"pkg:pypi/exiv2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["0.1","0.11.0","0.11.1","0.11.2","0.11.3","0.12.0","0.12.1","0.13.0","0.13.1","0.13.2","0.14.0","0.14.1","0.15.0","0.16.0","0.16.1","0.16.2","0.16.2.post1","0.16.3","0.16.3.post1","0.17.0","0.17.1","0.2","0.3","0.3.1","0.17.2","0.17.3","0.17.4","0.17.5"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/exiv2/PYSEC-2008-11.yaml"}}],"schema_version":"1.7.3"}