Unrated severityNVD Advisory· Published Jun 13, 2008· Updated Apr 23, 2026

CVE-2008-2696

Description

Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to "pretty printing" and the RationalValue::toLong function.

Affected products

Exiv2/Exiv2
cpe:2.3:a:exiv2:exiv2:0.16:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugzilla.gnome.org/show_bug.cginvdExploit
secunia.com/advisories/30519nvdVendor Advisory
dev.robotbattle.com/bugs/view.phpnvd
lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.htmlnvd
secunia.com/advisories/32273nvd
www.exiv2.org/changelog.htmlnvd
www.mandriva.com/security/advisoriesnvd
www.securityfocus.com/bid/29586nvd
www.ubuntu.com/usn/usn-655-1nvd
www.vupen.com/english/advisories/2008/1766/referencesnvd
exchange.xforce.ibmcloud.com/vulnerabilities/42885nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000