CVE-2005-0406

Publication date 14 February 2005

Last updated 24 July 2024


Ubuntu priority

Cvss 3 Severity Score

5.5 · Medium

Score breakdown

A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.

Read the notes from the security team

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status

Notes


kees

very general issue, and not presently addressed.

Severity score breakdown

Parameter Value
Base score 5.5 · Medium
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality High
Integrity impact None
Availability impact None
Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N