CVE-2018-16554

The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAG_GPS_ALT handling.
Configurations

Configuration 1

cpe:2.3:a:jhead_project:jhead:3.00:*:*:*:*:*:*:*

Information

Published : 2018-09-16 02:29

Updated : 2019-12-31 08:15


NVD link : CVE-2018-16554

Mitre link : CVE-2018-16554

Products Affected
No products.
CWE
CWE-134

Use of Externally-Controlled Format String