CVE-2005-0406
CVSS 2.1
Published: 2005-02-14 00:00:00
Revised: 2008-09-10 15:35:31

[Original] A design flaw in image processing software that modifies JPEG images might not modify the original EXIF thumbnail, which could lead to an information leak of potentially sensitive visual information that had been removed from the main JPEG image.


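[CNNVD] Image processing software JPEG image handling sensitive information disclosure vulnerability (CNNVD-200502-052)

        A design flaw in image processing software that modifies JPEG images may leave the original EXIF thumbnail unmodified, which could leak potentially sensitive visual information that had been removed from the main JPEG image.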

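- CVSS (base score)

CVSS score: 2.1 [LOW]
Confidentiality impact: PARTIAL [information disclosure is likely]
Integrity impact: NONE [no impact on system integrity]
Availability impact: NONE [no impact on system availability]
Attack complexity: LOW [no access restrictions on exploitation]
Attack vector: LOCAL [exploitation requires physical access or a local account]
Authentication: NONE [exploitation requires no authentication]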

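- CPE (affected platforms and products)

Product and version information (CPE) is not yet available

- OVAL (technical details for detection)

No related OVAL definitions found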

- Official database links

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0406
(Official data source) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-0406
(Official data source) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200502-052
(Official data source) CNNVD

- Other links and resources

http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt
(VENDOR_ADVISORY)  MISC  http://www.redteam-pentesting.de/advisories/rt-sa-2005-008.txt
http://seclists.org/lists/fulldisclosure/2005/Feb/0343.html
(UNKNOWN)  FULLDISC  20050214 Advisory: JPEG EXIF information disclosure

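- Vulnerability information

Image processing software JPEG image handling sensitive information disclosure vulnerability
Low risk  Unknown
2005-02-14 00:00:00 2006-05-12 00:00:00
Local
        A design flaw in image processing software that modifies JPEG images may leave the original EXIF thumbnail unmodified, which could leak potentially sensitive visual information that had been removed from the main JPEG image.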

- Advisories and patches

        

- Vulnerability information (F36176)

rt-sa-2005-008.txt (PacketStormID:F36176)
2005-02-25 00:00:00
 
advisory,info disclosure
CVE-2005-0406

Images created by digital cameras and later cropped or otherwise modified by applications like Adobe Photoshop often contain an unmodified version of the image in the embedded thumbnail image. This can result in information disclosure.


Advisory: JPEG EXIF information disclosure

The Laboratory for dependable Distributed Systems at RWTH Aachen University
likes to raise awareness of common Information Disclosure via
JPEG EXIF thumbnail images in common image processing software.

Details
=======

Product: Image processing software
Affected Version: various
Immune Version: unknown
OS affected: any
Security-Risk: Medium
Remote-Exploit: No
Advisory-URL: http://tsyklon.informatik.rwth-aachen.de/redteam/advisories/rt-sa-2005-008
Advisory-Status: public
CVE: CAN-2005-0406

Introduction
============

Images created by digital cameras and later cropped or otherwise
modified by applications like Adobe Photoshop often contain an
unmodified version of the image in the embedded thumbnail image. This
can result in information disclosure.

More Details
============

Digital cameras, but also other devices, embed mini versions
("thumbnails") of the original image in a JPEG image file. Among others,
one reason is that while flipping through images on the camera's small
display the camera does not need to decode and scale the full megapixel
picture. The standard to save this thumbnail and other information
within a JPEG file is called EXIF. The EXIF standard states that image
processing software should leave EXIF headers it doesn't understand
alone.

This means that if an image from a digital camera is edited, e.g. by
making a face unrecognizable, and then the modified version is
published, chances are that the thumbnail still contains the unmodified
version with the unobstructed face. There might be situations where
also disclosure of other information in the EXIF header, like the date
and time the picture was taken or the model of the camera used, is
problematic.

We found that of the JPEG images on the Internet 20% have an embedded
EXIF thumbnail and about 2% have a thumbnail which our screening
software considered significantly different from the original image.
After human screening 0.1% can be considered to have thumbnails which
are more than just boring cropping differences.

If you have more information on this issue we are eager to hear from you -
contact dornseif@informatik.rwth-aachen.de.


Proof of Concept
================

See http://blogs.23.nu/disLEXia/stories/5751/ for some example images.
See http://md.hudora.de/presentations/#hiddendata-21c3 for code to find
"interesting" images automatically.


Workaround
==========

There is specialized software available for removing EXIF information.
Use it.


Fix
===

Image processing software should either update or remove the EXIF
thumbnail.


Security Risk
=============

Our research indicates that around 0.001% of all images contain
seriously harmful information in the EXIF thumbnail.


History
=======

2003-07-xx tech.tv moderator incident - private parts in the thumbnail
2004-07-xx Maximillian Dornseif becomes aware of this incident, discusses it
at Defcon 12
2004-10-xx Steven J. Murdoch creates exif_thumb to automatically screen
images. We learn that the problem is quite widespread and not a random
software glitch.
2004-12-28 Dornseif & Murdoch present the results from a large scale
survey of images on the internet at the 21. Chaos Communication
Congress
2004-02-12 CVE number requested
2004-02-14 posted to the public as CAN-2005-0406


RedTeam
=======

RedTeam is a penetration testing group working at the Laboratory for
Dependable Distributed Systems at RWTH-Aachen University. You can find
more information on the RedTeam Project at
http://tsyklon.informatik.rwth-aachen.de/redteam/



-- 
Laboratory for Dependable Distributed Systems, RWTH Aachen University
Get news of the lab at   
http://mail-i4.informatik.rwth-aachen.de/mailman/listinfo/lufgtalk
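
A defender-side check for the condition the advisory describes, as an added example that is not part of the original advisory or of the exif_thumb tool it mentions: the Python below walks a JPEG's header segments, returns the thumbnail referenced from IFD1 of the Exif APP1 segment, and removes that segment as the Workaround section recommends. The function names and the sample file are constructed for illustration.

```python
import struct

def segments(jpeg):
    """Yield (marker, start, end) for each header segment before the scan data."""
    if jpeg[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI)")
    pos = 2
    while pos + 4 <= len(jpeg) and jpeg[pos] == 0xFF and jpeg[pos + 1] != 0xDA:
        (length,) = struct.unpack(">H", jpeg[pos + 2:pos + 4])
        yield jpeg[pos + 1], pos, pos + 2 + length
        pos += 2 + length

def exif_thumbnail(jpeg):
    """Return the thumbnail bytes referenced by IFD1, or None if there are none."""
    for marker, start, end in segments(jpeg):
        body = jpeg[start + 4:end]
        if marker != 0xE1 or not body.startswith(b"Exif\0\0"):
            continue
        tiff, tags = body[6:], {}          # offsets below are relative to the TIFF header
        bo = {b"II": "<", b"MM": ">"}.get(tiff[:2])
        try:
            (ifd,) = struct.unpack_from(bo + "I", tiff, 4)               # IFD0 offset
            (n,) = struct.unpack_from(bo + "H", tiff, ifd)
            (ifd,) = struct.unpack_from(bo + "I", tiff, ifd + 2 + 12 * n)  # IFD1 offset
            (n,) = struct.unpack_from(bo + "H", tiff, ifd) if ifd else (0,)
            for i in range(n):
                tag, _t, _c, value = struct.unpack_from(bo + "HHII", tiff, ifd + 2 + 12 * i)
                tags[tag] = value          # both tags of interest are LONG in EXIF
        except (struct.error, TypeError):  # truncated or malformed Exif data
            return None
        off, size = tags.get(0x0201), tags.get(0x0202)  # JPEGInterchangeFormat(+Length)
        if off and size and off + size <= len(tiff):
            return tiff[off:off + size]
    return None

def strip_exif(jpeg):
    """Return a copy of the JPEG with every Exif APP1 segment removed."""
    cut = [(s, e) for m, s, e in segments(jpeg)
           if m == 0xE1 and jpeg[s + 4:e].startswith(b"Exif\0\0")]
    for s, e in reversed(cut):
        jpeg = jpeg[:s] + jpeg[e:]
    return jpeg

def build_sample(thumb=b"\xff\xd8THUMB\xff\xd9"):
    """Constructed sample: placeholder thumbnail bytes in an Exif APP1 segment."""
    ifds = struct.pack("<HIHHHIIHHIII", 0, 14, 2, 0x0201, 4, 1, 44, 0x0202, 4, 1, len(thumb), 0)
    exif = b"Exif\0\0II" + struct.pack("<HI", 42, 8) + ifds + thumb
    app1 = b"\xff\xe1" + struct.pack(">H", len(exif) + 2) + exif
    return b"\xff\xd8" + app1 + b"\xff\xda\x00\x02MAIN\xff\xd9"
```

Because strip_exif drops the whole Exif segment, it also discards the date, time and camera-model fields the advisory mentions alongside the thumbnail.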

    

- Vulnerability information

13925
Multiple JPEG Implementation EXIF Thumbnail Information Disclosure
Information Disclosure
Loss of Confidentiality

- Vulnerability description

Unknown or Incomplete

- Timeline

2005-02-13 Unknown
2005-02-13 Unknown

- Solution

Unknown or Incomplete

- Related references

- Vulnerability credit

 

 
