CVE-2017-1000414 Information

Description

ImpulseAdventure JPEGsnoop version 1.7.5 is vulnerable to a division by zero in the JFIF decode handling resulting denial of service.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

https://github.com/ImpulseAdventure/JPEGsnoop/commit/b4e458612d4294e0cfe01dbf1c0b09a07a8133a4diff-cf9182aecc9d630e8db2e0e35f1eec65 https://www.impulseadventure.com/photo/jpeg-snoop-history.html

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

7.5