Unrated severityNVD Advisory· Published Dec 31, 2005· Updated Jun 16, 2026
CVE-2005-4676
CVE-2005-4676
Description
Buffer overflow in Andreas Huggel Exiv2 before 0.9 does not null terminate strings before calling the sscanf function, which allows remote attackers to cause a denial of service (application crash) via images with crafted IPTC metadata.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:andreas_huggel:exiv2:0.3:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:andreas_huggel:exiv2:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:andreas_huggel:exiv2:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:andreas_huggel:exiv2:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:andreas_huggel:exiv2:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:andreas_huggel:exiv2:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:andreas_huggel:exiv2:0.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:andreas_huggel:exiv2:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:andreas_huggel:exiv2:0.8:*:*:*:*:*:*:*
- (no CPE)range: <0.9
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.