CVE-2016-3822

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-3822
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-3822.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2016-3822
Downstream
Related
Published
2016-08-05T20:59:10.723Z
Modified
2026-02-24T01:09:19.915592Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

exif.c in Matthias Wandel jhead 2.87, as used in libjhead in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-08-01, allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds access) via crafted EXIF data, aka internal bug 28868315.

References

Affected packages

Git / github.com/horde/horde

Affected ranges

Type
GIT
Repo
https://github.com/horde/horde
Events
Introduced
606b0c227979a07b420011ee2c2e2e66115a2496
Fixed
387fb342847f543aa2c118a7f9b515d020235be7
Introduced
7c483f4b692abb6a52887ec638f5bb38da9e03c0
Fixed
caa0901ee7bd6610e96a933fccf2cf7b5ca3163e

Affected versions

ansel-3.*
ansel-3.0.0beta1
ansel-3.0.0rc1
content-2.*
content-2.0.1
content-2.0.3
gollem-3.*
gollem-3.0.0beta1
gollem-3.0.0rc1
gollem-3.0.1
groupware-5.*
groupware-5.0.1
groupware-5.0.2
groupware-5.1.1
horde-5.*
horde-5.0.1
horde-5.0.2
horde-5.1.1
horde-5.1.2
horde_activesync-2.*
horde_activesync-2.0.1
horde_activesync-2.0.2
horde_activesync-2.0.3
horde_activesync-2.0.4
horde_activesync-2.0.5
horde_activesync-2.0.6
horde_activesync-2.0.7
horde_activesync-2.5.0
horde_activesync-2.5.3
horde_activesync-2.5.4
horde_activesync-2.5.5
horde_alarm-2.*
horde_alarm-2.0.1
horde_alarm-2.0.2
horde_argv-2.*
horde_argv-2.0.1
horde_argv-2.0.2
horde_auth-2.*
horde_auth-2.0.1
horde_auth-2.0.5
horde_autoloader-2.*
horde_autoloader-2.0.1
horde_autoloader_cache-2.*
horde_autoloader_cache-2.0.1
horde_browser-2.*
horde_browser-2.0.1
horde_browser-2.0.2
horde_cache-2.*
horde_cache-2.0.1
horde_cache-2.2.1
horde_cli-2.*
horde_cli-2.0.1
horde_cli-2.0.4
horde_cli_modular-2.*
horde_cli_modular-2.0.1
horde_compress-2.*
horde_compress-2.0.1
horde_compress-2.0.4
horde_compress_fast-1.*
horde_compress_fast-1.0.2
horde_constraint-2.*
horde_constraint-2.0.1
horde_controller-2.*
horde_controller-2.0.1
horde_core-2.*
horde_core-2.0.1
horde_core-2.0.2
horde_core-2.0.3
horde_core-2.0.4
horde_core-2.6.0
horde_core-2.6.1
horde_core-2.6.2
horde_crypt-2.*
horde_crypt-2.1.0
horde_crypt-2.2.1
horde_crypt_blowfish-1.*
horde_crypt_blowfish-1.0.0
horde_crypt_blowfish-1.0.1
horde_data-2.*
horde_data-2.0.1
horde_datatree-2.*
horde_datatree-2.0.0
horde_datatree-2.0.1
horde_date-2.*
horde_date-2.0.1
horde_date_parser-2.*
horde_date_parser-2.0.1
horde_dav-1.*
horde_dav-1.0.1
horde_db-2.*
horde_db-2.0.1
horde_editor-2.*
horde_editor-2.0.1
horde_elasticsearch-1.*
horde_elasticsearch-1.0.1
horde_exception-2.*
horde_exception-2.0.1
horde_feed-2.*
horde_feed-2.0.1
horde_form-2.*
horde_form-2.0.1
horde_form-2.0.5
horde_group-2.*
horde_group-2.0.1
horde_hashtable-1.*
horde_hashtable-1.0.1
horde_history-2.*
horde_history-2.0.1
horde_history-2.1.0
horde_http-2.*
horde_http-2.0.1
horde_icalendar-2.*
horde_icalendar-2.0.1
horde_icalendar-2.0.6
horde_icalendar-2.0.7
horde_image-2.*
horde_image-2.0.1
horde_image-2.0.5
horde_imap_client-2.*
horde_imap_client-2.1.0
horde_imap_client-2.1.1
horde_imap_client-2.1.3
horde_imap_client-2.1.4
horde_imap_client-2.1.5
horde_imap_client-2.1.6
horde_imap_client-2.11.5
horde_imap_client-2.11.6
horde_imap_client-2.2.0
horde_imap_client-2.2.1
horde_imap_client-2.2.2
horde_imsp-2.*
horde_imsp-2.0.1
horde_imsp-2.0.4
horde_imsp-2.0.5
horde_injector-2.*
horde_injector-2.0.1
horde_injector-2.0.2
horde_itip-2.*
horde_itip-2.0.1
horde_kolab_format-2.*
horde_kolab_format-2.0.1
horde_kolab_server-2.*
horde_kolab_server-2.0.1
horde_kolab_session-2.*
horde_kolab_session-2.0.1
horde_kolab_storage-2.*
horde_kolab_storage-2.0.1
horde_kolab_storage-2.0.2
horde_ldap-2.*
horde_ldap-2.0.1
horde_listheaders-1.*
horde_listheaders-1.0.1
horde_lock-2.*
horde_lock-2.0.1
horde_log-2.*
horde_log-2.0.1
horde_logintasks-2.*
horde_logintasks-2.0.1
horde_lz4-1.*
horde_lz4-1.0.1
horde_mail-2.*
horde_mail-2.0.1
horde_mail-2.0.6
horde_memcache-2.*
horde_memcache-2.0.1
horde_memcache-2.0.3
horde_mime-2.*
horde_mime-2.0.1
horde_mime-2.2.1
horde_mime-2.2.2
horde_mime-2.2.3
horde_mime_viewer-2.*
horde_mime_viewer-2.0.1
horde_mongo-1.*
horde_mongo-1.0.1
horde_nls-2.*
horde_nls-2.0.1
horde_notification-2.*
horde_notification-2.0.1
horde_oauth-2.*
horde_oauth-2.0.1
horde_pdf-2.*
horde_pdf-2.0.1
horde_perms-2.*
horde_perms-2.0.1
horde_prefs-2.*
horde_prefs-2.0.1
horde_prefs-2.5.0
horde_queue-1.*
horde_queue-1.0.0alpha1
horde_rdo-2.*
horde_rdo-2.0.1
horde_release-2.*
horde_release-2.0.1
horde_release-2.0.2
horde_role-1.*
horde_role-1.0.1
horde_routes-2.*
horde_routes-2.0.1
horde_rpc-2.*
horde_rpc-2.0.1
horde_scheduler-2.*
horde_scheduler-2.0.1
horde_scribe-2.*
horde_scribe-2.0.1
horde_secret-2.*
horde_secret-2.0.1
horde_secret-2.0.2
horde_serialize-2.*
horde_serialize-2.0.1
horde_service_facebook-2.*
horde_service_facebook-2.0.1
horde_service_twitter-2.*
horde_service_twitter-2.0.1
horde_service_twitter-2.1.0
horde_service_twitter-2.1.1
horde_service_urlshortener-2.*
horde_service_urlshortener-2.0.1
horde_service_weather-2.*
horde_service_weather-2.0.1
horde_sessionhandler-2.*
horde_sessionhandler-2.0.1
horde_share-2.*
horde_share-2.0.1
horde_share-2.0.4
horde_spellchecker-2.*
horde_spellchecker-2.0.1
horde_stream-1.*
horde_stream-1.1.0
horde_stream-1.1.1
horde_stream-1.2.0
horde_stream_filter-2.*
horde_stream_filter-2.0.1
horde_stream_wrapper-2.*
horde_stream_wrapper-2.0.1
horde_support-2.*
horde_support-2.0.1
horde_support-2.0.2
horde_syncml-2.*
horde_syncml-2.0.1
horde_template-2.*
horde_template-2.0.1
horde_test-2.*
horde_test-2.1.0
horde_text_diff-2.*
horde_text_diff-2.0.1
horde_text_filter-2.*
horde_text_filter-2.0.1
horde_text_filter-2.0.2
horde_text_filter-2.0.3
horde_text_filter_csstidy-2.*
horde_text_filter_csstidy-2.0.1
horde_text_flowed-2.*
horde_text_flowed-2.0.1
horde_thrift-2.*
horde_thrift-2.0.1
horde_timezone-1.*
horde_timezone-1.0.1
horde_token-2.*
horde_token-2.0.1
horde_translation-2.*
horde_translation-2.0.1
horde_tree-2.*
horde_tree-2.0.1
horde_url-2.*
horde_url-2.0.1
horde_util-2.*
horde_util-2.0.1
horde_util-2.3.0
horde_vfs-2.*
horde_vfs-2.0.1
horde_vfs-2.0.2
horde_vfs-2.0.3
horde_vfs-2.1.1
horde_view-2.*
horde_view-2.0.1
horde_xml_element-2.*
horde_xml_element-2.0.1
horde_xml_wbxml-2.*
horde_xml_wbxml-2.0.1
horde_yaml-2.*
horde_yaml-2.0.1
imp-6.*
imp-6.0.1
imp-6.0.2
imp-6.1.1
imp-6.1.2
imp-6.1.3
ingo-3.*
ingo-3.0.1
ingo-3.1.1
ingo-3.1.2
kronolith-4.*
kronolith-4.0.1
kronolith-4.0.2
kronolith-4.1.1
kronolith-4.1.2
mnemo-4.*
mnemo-4.0.1
mnemo-4.1.1
nag-4.*
nag-4.0.1
nag-4.1.1
timeobjects-2.*
timeobjects-2.0.1
timeobjects-2.0.4
trean-1.*
trean-1.0.0beta1
trean-1.0.0beta2
trean-1.0.2
trean-1.0.3
turba-4.*
turba-4.0.1
turba-4.1.1
v3.*
v3.0.0beta1
v3.0.0rc1
webmail-5.*
webmail-5.0.0
webmail-5.0.1
webmail-5.1.0
whups-3.*
whups-3.0.0beta1
whups-3.0.0rc1
wicked-2.*
wicked-2.0.0beta1
wicked-2.0.0rc1

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-3822.json"