{"suse": [{"lastseen": "2018-10-23T16:31:01", "bulletinFamily": "unix", "cvelist": ["CVE-2018-12264", "CVE-2018-12265"], "description": "This update for exiv2 fixes the following issues:\n\n exiv2 was updated to latest 0.26 branch, fixing bugs and security issues:\n\n - CVE-2018-12264, CVE-2018-12265: Integer overflows in the LoaderExifJpeg\n class could lead to memory corruption (bsc#1097599)\n\n", "edition": 1, "modified": "2018-10-23T15:08:18", "published": "2018-10-23T15:08:18", "id": "OPENSUSE-SU-2018:3306-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00045.html", "title": "Security update for exiv2 (moderate)", "type": "suse", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2020-04-09T02:38:59", "bulletinFamily": "unix", "cvelist": ["CVE-2018-19108", "CVE-2018-12264", "CVE-2018-19607", "CVE-2018-17229", "CVE-2017-9239", "CVE-2018-9305", "CVE-2017-1000126", "CVE-2018-12265", "CVE-2018-17230", "CVE-2018-17282", "CVE-2019-13114"], "description": "This update for exiv2 fixes the following issues:\n\n exiv2 was updated to latest 0.26 branch, fixing bugs and security issues:\n\n - CVE-2017-1000126: Fixed an out of bounds read in webp parser\n (bsc#1068873).\n - CVE-2017-9239: Fixed a segmentation fault in\n TiffImageEntry::doWriteImage function (bsc#1040973).\n - CVE-2018-12264: Fixed an integer overflow in LoaderTiff::getData() which\n might have led to an out-of-bounds read (bsc#1097600).\n - CVE-2018-12265: Fixed integer overflows in LoaderExifJpeg which could\n have led to memory corruption (bsc#1097599).\n - CVE-2018-17229: Fixed a heap based buffer overflow in Exiv2::d2Data via\n a crafted image (bsc#1109175).\n - CVE-2018-17230: Fixed a heap based buffer overflow in Exiv2::d2Data via\n a crafted image (bsc#1109176).\n - CVE-2018-17282: Fixed a null pointer dereference in\n Exiv2::DataValue::copy (bsc#1109299).\n - CVE-2018-19108: Fixed an integer overflow in\n Exiv2::PsdImage::readMetadata which could have led to infinite loop\n (bsc#1115364).\n - CVE-2018-19607: Fixed a null pointer dereference in Exiv2::isoSpeed\n which might have led to denial\n of service (bsc#1117513).\n - CVE-2018-9305: Fixed an out of bounds read in IptcData::printStructure\n which might have led to to information leak or denial of service\n (bsc#1088424).\n - CVE-2019-13114: Fixed a null pointer dereference which might have led to\n denial of service via a crafted response of an malicious http server\n (bsc#1142684).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2020-04-09T00:13:21", "published": "2020-04-09T00:13:21", "id": "OPENSUSE-SU-2020:0482-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html", "title": "Security update for exiv2 (moderate)", "type": "suse", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2020-01-27T18:39:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12264", "CVE-2018-12265"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181287", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181287", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2018-1287)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1287\");\n script_version(\"2020-01-23T11:20:15+0000\");\n script_cve_id(\"CVE-2018-12264\", \"CVE-2018-12265\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:20:15 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:20:15 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2018-1287)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1287\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1287\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'exiv2' package(s) announced via the EulerOS-SA-2018-1287 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp.(CVE-2018-12265)\n\nExiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp.(CVE-2018-12264)\");\n\n script_tag(name:\"affected\", value:\"'exiv2' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"exiv2-libs\", rpm:\"exiv2-libs~0.23~6.h2\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T17:40:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12264", "CVE-2018-12265"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310851961", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851961", "type": "openvas", "title": "openSUSE: Security Advisory for exiv2 (openSUSE-SU-2018:3306-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851961\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-12264\", \"CVE-2018-12265\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:23:08 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"openSUSE: Security Advisory for exiv2 (openSUSE-SU-2018:3306-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2018:3306-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2018-10/msg00045.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'exiv2'\n package(s) announced via the openSUSE-SU-2018:3306-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for exiv2 fixes the following issues:\n\n exiv2 was updated to latest 0.26 branch, fixing bugs and security issues:\n\n - CVE-2018-12264, CVE-2018-12265: Integer overflows in the LoaderExifJpeg\n class could lead to memory corruption (bsc#1097599)\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2018-1224=1\");\n\n script_tag(name:\"affected\", value:\"exiv2 on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n if(!isnull(res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.26~lp150.5.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"exiv2-debuginfo\", rpm:\"exiv2-debuginfo~0.26~lp150.5.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"exiv2-debugsource\", rpm:\"exiv2-debugsource~0.26~lp150.5.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libexiv2-26\", rpm:\"libexiv2-26~0.26~lp150.5.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libexiv2-26-debuginfo\", rpm:\"libexiv2-26-debuginfo~0.26~lp150.5.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libexiv2-devel\", rpm:\"libexiv2-devel~0.26~lp150.5.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libexiv2-doc\", rpm:\"libexiv2-doc~0.26~lp150.5.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libexiv2-26-32bit\", rpm:\"libexiv2-26-32bit~0.26~lp150.5.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libexiv2-26-32bit-debuginfo\", rpm:\"libexiv2-26-32bit-debuginfo~0.26~lp150.5.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"exiv2-lang\", rpm:\"exiv2-lang~0.26~lp150.5.6.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:33:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12264", "CVE-2018-12265"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181286", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181286", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2018-1286)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1286\");\n script_version(\"2020-01-23T11:20:13+0000\");\n script_cve_id(\"CVE-2018-12264\", \"CVE-2018-12265\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:20:13 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:20:13 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2018-1286)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1286\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1286\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'exiv2' package(s) announced via the EulerOS-SA-2018-1286 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Exiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp.(CVE-2018-12265)\n\nExiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp.(CVE-2018-12264)\");\n\n script_tag(name:\"affected\", value:\"'exiv2' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"exiv2-libs\", rpm:\"exiv2-libs~0.23~6.h2\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T20:07:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11531", "CVE-2018-12264", "CVE-2018-10958", "CVE-2018-10998", "CVE-2018-10999", "CVE-2018-12265"], "description": "Several vulnerabilities have been discovered in exiv2, a C++ library and\na command line utility to manage image metadata, resulting in denial of\nservice, heap-based buffer over-read/overflow, memory exhaustion, and\napplication crash.", "modified": "2020-01-29T00:00:00", "published": "2018-07-10T00:00:00", "id": "OPENVAS:1361412562310891402", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891402", "type": "openvas", "title": "Debian LTS: Security Advisory for exiv2 (DLA-1402-1)", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891402\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-10958\", \"CVE-2018-10998\", \"CVE-2018-10999\", \"CVE-2018-11531\", \"CVE-2018-12264\",\n \"CVE-2018-12265\");\n script_name(\"Debian LTS: Security Advisory for exiv2 (DLA-1402-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-07-10 00:00:00 +0200 (Tue, 10 Jul 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/06/msg00010.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"exiv2 on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n0.24-4.1+deb8u1.\n\nWe recommend that you upgrade your exiv2 packages.\");\n\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in exiv2, a C++ library and\na command line utility to manage image metadata, resulting in denial of\nservice, heap-based buffer over-read/overflow, memory exhaustion, and\napplication crash.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"exiv2\", ver:\"0.24-4.1+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libexiv2-13\", ver:\"0.24-4.1+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libexiv2-dbg\", ver:\"0.24-4.1+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libexiv2-dev\", ver:\"0.24-4.1+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libexiv2-doc\", ver:\"0.24-4.1+deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11531", "CVE-2018-12264", "CVE-2018-10958", "CVE-2018-10998", "CVE-2018-10999", "CVE-2018-12265"], "description": "The remote host is missing an update for the ", "modified": "2019-03-18T00:00:00", "published": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310843785", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843785", "type": "openvas", "title": "Ubuntu Update for exiv2 USN-3700-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3700_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for exiv2 USN-3700-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843785\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2018-10958\", \"CVE-2018-10998\", \"CVE-2018-10999\", \"CVE-2018-11531\", \"CVE-2018-12264\", \"CVE-2018-12265\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-10-26 06:19:24 +0200 (Fri, 26 Oct 2018)\");\n script_name(\"Ubuntu Update for exiv2 USN-3700-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|17\\.10|18\\.04 LTS|16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"3700-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3700-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'exiv2'\n package(s) announced via the USN-3700-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that Exiv2 incorrectly handled certain files.\nAn attacker could possibly use this to cause a denial of service.\n(CVE-2018-10958, CVE-2018-10998)\n\nIt was discovered that Exiv2 incorrectly handled certain PNG files.\nAn attacker could possibly use this to access sensitive information.\n(CVE-2018-10999)\n\nIt was discovered that Exiv2 incorrectly handled certain files.\nAn attacker could possibly use this to execute arbitrary code.\n(CVE-2018-11531)\n\nIt was discovered that Exiv2 incorrectly handled certain files.\nAn attacker could possibly use this to access sensitive information.\n(CVE-2018-12264, CVE-2018-12265)\");\n\n script_tag(name:\"affected\", value:\"exiv2 on Ubuntu 18.04 LTS,\n Ubuntu 17.10,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"exiv2\", ver:\"0.23-1ubuntu2.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libexiv2-12\", ver:\"0.23-1ubuntu2.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU17.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"exiv2\", ver:\"0.25-3.1ubuntu0.17.10.1\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libexiv2-14\", ver:\"0.25-3.1ubuntu0.17.10.1\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"exiv2\", ver:\"0.25-3.1ubuntu0.18.04.1\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libexiv2-14\", ver:\"0.25-3.1ubuntu0.18.04.1\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"exiv2\", ver:\"0.25-2.1ubuntu16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libexiv2-14\", ver:\"0.25-2.1ubuntu16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-04T18:55:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11531", "CVE-2018-12264", "CVE-2018-10958", "CVE-2018-10998", "CVE-2018-10999", "CVE-2018-12265"], "description": "Several vulnerabilities have been discovered in Exiv2, a C++ library and\na command line utility to manage image metadata which could result in\ndenial of service or the execution of arbitrary code if a malformed file\nis parsed.", "modified": "2019-07-04T00:00:00", "published": "2018-07-03T00:00:00", "id": "OPENVAS:1361412562310704238", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704238", "type": "openvas", "title": "Debian Security Advisory DSA 4238-1 (exiv2 - security update)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4238-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704238\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-10958\", \"CVE-2018-10998\", \"CVE-2018-10999\", \"CVE-2018-11531\", \"CVE-2018-12264\",\n \"CVE-2018-12265\");\n script_name(\"Debian Security Advisory DSA 4238-1 (exiv2 - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-07-03 00:00:00 +0200 (Tue, 03 Jul 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4238.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"exiv2 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 0.25-3.1+deb9u1.\n\nWe recommend that you upgrade your exiv2 packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/exiv2\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in Exiv2, a C++ library and\na command line utility to manage image metadata which could result in\ndenial of service or the execution of arbitrary code if a malformed file\nis parsed.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"exiv2\", ver:\"0.25-3.1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libexiv2-14\", ver:\"0.25-3.1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libexiv2-dbg\", ver:\"0.25-3.1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libexiv2-dev\", ver:\"0.25-3.1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libexiv2-doc\", ver:\"0.25-3.1+deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-15T14:41:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-19108", "CVE-2018-12264", "CVE-2018-19607", "CVE-2018-17229", "CVE-2017-9239", "CVE-2018-9305", "CVE-2017-1000126", "CVE-2018-12265", "CVE-2018-17230", "CVE-2018-17282", "CVE-2019-13114"], "description": "The remote host is missing an update for the ", "modified": "2020-04-10T00:00:00", "published": "2020-04-09T00:00:00", "id": "OPENVAS:1361412562310853101", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853101", "type": "openvas", "title": "openSUSE: Security Advisory for exiv2 (openSUSE-SU-2020:0482-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853101\");\n script_version(\"2020-04-10T03:46:49+0000\");\n script_cve_id(\"CVE-2017-1000126\", \"CVE-2017-9239\", \"CVE-2018-12264\", \"CVE-2018-12265\", \"CVE-2018-17229\", \"CVE-2018-17230\", \"CVE-2018-17282\", \"CVE-2018-19108\", \"CVE-2018-19607\", \"CVE-2018-9305\", \"CVE-2019-13114\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-10 03:46:49 +0000 (Fri, 10 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-09 03:08:25 +0000 (Thu, 09 Apr 2020)\");\n script_name(\"openSUSE: Security Advisory for exiv2 (openSUSE-SU-2020:0482-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0482-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'exiv2'\n package(s) announced via the openSUSE-SU-2020:0482-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for exiv2 fixes the following issues:\n\n exiv2 was updated to latest 0.26 branch, fixing bugs and security issues:\n\n - CVE-2017-1000126: Fixed an out of bounds read in webp parser\n (bsc#1068873).\n\n - CVE-2017-9239: Fixed a segmentation fault in\n TiffImageEntry::doWriteImage function (bsc#1040973).\n\n - CVE-2018-12264: Fixed an integer overflow in LoaderTiff::getData() which\n might have led to an out-of-bounds read (bsc#1097600).\n\n - CVE-2018-12265: Fixed integer overflows in LoaderExifJpeg which could\n have led to memory corruption (bsc#1097599).\n\n - CVE-2018-17229: Fixed a heap based buffer overflow in Exiv2::d2Data via\n a crafted image (bsc#1109175).\n\n - CVE-2018-17230: Fixed a heap based buffer overflow in Exiv2::d2Data via\n a crafted image (bsc#1109176).\n\n - CVE-2018-17282: Fixed a null pointer dereference in\n Exiv2::DataValue::copy (bsc#1109299).\n\n - CVE-2018-19108: Fixed an integer overflow in\n Exiv2::PsdImage::readMetadata which could have led to infinite loop\n (bsc#1115364).\n\n - CVE-2018-19607: Fixed a null pointer dereference in Exiv2::isoSpeed\n which might have led to denial\n of service (bsc#1117513).\n\n - CVE-2018-9305: Fixed an out of bounds read in IptcData::printStructure\n which might have led to to information leak or denial of service\n (bsc#1088424).\n\n - CVE-2019-13114: Fixed a null pointer dereference which might have led to\n denial of service via a crafted response of an malicious http server\n (bsc#1142684).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-482=1\");\n\n script_tag(name:\"affected\", value:\"'exiv2' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.26~lp151.7.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"exiv2-debuginfo\", rpm:\"exiv2-debuginfo~0.26~lp151.7.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"exiv2-debugsource\", rpm:\"exiv2-debugsource~0.26~lp151.7.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libexiv2-26\", rpm:\"libexiv2-26~0.26~lp151.7.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libexiv2-26-debuginfo\", rpm:\"libexiv2-26-debuginfo~0.26~lp151.7.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libexiv2-devel\", rpm:\"libexiv2-devel~0.26~lp151.7.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libexiv2-doc\", rpm:\"libexiv2-doc~0.26~lp151.7.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libexiv2-26-32bit\", rpm:\"libexiv2-26-32bit~0.26~lp151.7.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libexiv2-26-32bit-debuginfo\", rpm:\"libexiv2-26-32bit-debuginfo~0.26~lp151.7.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"exiv2-lang\", rpm:\"exiv2-lang~0.26~lp151.7.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11531", "CVE-2017-17723", "CVE-2018-8977", "CVE-2018-12264", "CVE-2018-10958", "CVE-2017-5772", "CVE-2018-10998", "CVE-2018-5772", "CVE-2018-8976", "CVE-2018-9305", "CVE-2018-14046", "CVE-2018-12265", "CVE-2018-9144", "CVE-2017-17725"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-08-07T00:00:00", "id": "OPENVAS:1361412562310874899", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874899", "type": "openvas", "title": "Fedora Update for exiv2 FEDORA-2018-8b67a5c7e2", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_8b67a5c7e2_exiv2_fc28.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for exiv2 FEDORA-2018-8b67a5c7e2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874899\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-07 06:04:33 +0200 (Tue, 07 Aug 2018)\");\n script_cve_id(\"CVE-2017-17723\", \"CVE-2017-17725\", \"CVE-2018-10958\", \"CVE-2018-10998\",\n \"CVE-2018-11531\", \"CVE-2018-12264\", \"CVE-2018-12265\", \"CVE-2018-14046\",\n \"CVE-2018-5772\", \"CVE-2018-8976\", \"CVE-2018-8977\", \"CVE-2018-9144\",\n \"CVE-2017-5772\", \"CVE-2018-9305\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for exiv2 FEDORA-2018-8b67a5c7e2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'exiv2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\non the target host.\");\n script_tag(name:\"affected\", value:\"exiv2 on Fedora 28\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-8b67a5c7e2\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HH6QKTBXFX67VYRDSC4O4U34V237UUKC\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC28\")\n{\n\n if ((res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.26~12.fc28\", rls:\"FC28\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:08", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11531", "CVE-2017-17723", "CVE-2018-8977", "CVE-2018-12264", "CVE-2018-10958", "CVE-2017-5772", "CVE-2018-10998", "CVE-2018-5772", "CVE-2018-8976", "CVE-2018-11037", "CVE-2018-10999", "CVE-2018-14046", "CVE-2018-12265", "CVE-2018-9146", "CVE-2018-9144", "CVE-2017-17725", "CVE-2017-17669", "CVE-2018-9145"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2018-08-10T00:00:00", "id": "OPENVAS:1361412562310874920", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874920", "type": "openvas", "title": "Fedora Update for exiv2 FEDORA-2018-871fa4d189", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_871fa4d189_exiv2_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for exiv2 FEDORA-2018-871fa4d189\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874920\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-08-10 06:26:10 +0200 (Fri, 10 Aug 2018)\");\n script_cve_id(\"CVE-2017-17723\", \"CVE-2017-17725\", \"CVE-2018-10958\", \"CVE-2018-10998\",\n \"CVE-2018-11531\", \"CVE-2018-12264\", \"CVE-2018-12265\", \"CVE-2018-14046\",\n \"CVE-2018-5772\", \"CVE-2018-8976\", \"CVE-2018-8977\", \"CVE-2018-9144\",\n \"CVE-2017-5772\", \"CVE-2018-10999\", \"CVE-2018-11037\", \"CVE-2017-17669\",\n \"CVE-2018-9145\", \"CVE-2018-9146\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for exiv2 FEDORA-2018-871fa4d189\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'exiv2'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"exiv2 on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"FEDORA\", value:\"2018-871fa4d189\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PNW3W32O3CKFFTB3WX4STTENYJTMG5U7\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.26~12.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-09-20T14:39:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-19108", "CVE-2018-8977", "CVE-2018-18915", "CVE-2018-12264", "CVE-2018-10958", "CVE-2018-20096", "CVE-2018-10998", "CVE-2018-8976", "CVE-2018-19607", "CVE-2018-11037", "CVE-2018-9305", "CVE-2018-20099", "CVE-2018-19107", "CVE-2018-14046", "CVE-2018-12265", "CVE-2018-20098", "CVE-2018-17581", "CVE-2018-19535", "CVE-2018-17282", "CVE-2017-17724", "CVE-2018-20097", "CVE-2018-10772"], "description": "The remote host is missing an update for the ", "modified": "2019-09-20T00:00:00", "published": "2019-09-19T00:00:00", "id": "OPENVAS:1361412562310883101", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310883101", "type": "openvas", "title": "CentOS Update for exiv2 CESA-2019:2101 centos7 ", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.883101\");\n script_version(\"2019-09-20T05:25:28+0000\");\n script_cve_id(\"CVE-2017-17724\", \"CVE-2018-8976\", \"CVE-2018-8977\", \"CVE-2018-9305\", \"CVE-2018-10772\", \"CVE-2018-10958\", \"CVE-2018-10998\", \"CVE-2018-11037\", \"CVE-2018-12264\", \"CVE-2018-12265\", \"CVE-2018-14046\", \"CVE-2018-17282\", \"CVE-2018-17581\", \"CVE-2018-18915\", \"CVE-2018-19107\", \"CVE-2018-19108\", \"CVE-2018-19535\", \"CVE-2018-19607\", \"CVE-2018-20096\", \"CVE-2018-20097\", \"CVE-2018-20098\", \"CVE-2018-20099\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-09-20 05:25:28 +0000 (Fri, 20 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-09-19 02:01:15 +0000 (Thu, 19 Sep 2019)\");\n script_name(\"CentOS Update for exiv2 CESA-2019:2101 centos7 \");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS7\");\n\n script_xref(name:\"CESA\", value:\"2019:2101\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2019-September/023446.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'exiv2'\n package(s) announced via the CESA-2019:2101 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The exiv2 packages provide a command line utility which can display and\nmanipulate image metadata such as EXIF, LPTC, and JPEG comments.\n\nThe following packages have been upgraded to a later upstream version:\nexiv2 (0.27.0). (BZ#1652637)\n\nSecurity Fix(es):\n\n * exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in\nsrc/iptc.cpp (CVE-2017-17724)\n\n * exiv2: out-of-bounds read in Exiv2::Internal::stringFormat image.cpp\n(CVE-2018-8976)\n\n * exiv2: invalid memory access in Exiv2::Internal::printCsLensFFFF function\nin canonmn_int.cpp (CVE-2018-8977)\n\n * exiv2: out of bounds read in IptcData::printStructure in iptc.c\n(CVE-2018-9305)\n\n * exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via\ncrafted file (CVE-2018-10772)\n\n * exiv2: SIGABRT caused by memory allocation in\ntypes.cpp:Exiv2::Internal::PngChunk::zlibUncompress() (CVE-2018-10958)\n\n * exiv2: SIGABRT by triggering an incorrect Safe::add call (CVE-2018-10998)\n\n * exiv2: information leak via a crafted file (CVE-2018-11037)\n\n * exiv2: integer overflow in getData function in preview.cpp\n(CVE-2018-12264)\n\n * exiv2: integer overflow in the LoaderExifJpeg class in preview.cpp\n(CVE-2018-12265)\n\n * exiv2: heap-based buffer over-read in WebPImage::decodeChunks in\nwebpimage.cpp (CVE-2018-14046)\n\n * exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp\nleading to application crash (CVE-2018-17282)\n\n * exiv2: Stack overflow in CiffDirectory::readDirectory() at\ncrwimage_int.cpp leading to denial of service (CVE-2018-17581)\n\n * exiv2: infinite loop in Exiv2::Image::printIFDStructure function in\nimage.cpp (CVE-2018-18915)\n\n * exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in\niptc.cpp (CVE-2018-19107)\n\n * exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp\n(CVE-2018-19108)\n\n * exiv2: heap-based buffer over-read in PngChunk::readRawProfile in\npngchunk_int.cpp (CVE-2018-19535)\n\n * exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp\n(CVE-2018-19607)\n\n * exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function\nresulting in a denial of service (CVE-2018-20096)\n\n * exiv2: Segmentation fault in\nExiv2::Internal::TiffParserWorker::findPrimaryGroups function\n(CVE-2018-20097)\n\n * exiv2: Heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header\nresulting in a denial of service (CVE-2018-20098)\n\n * exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a\ndenial of service (CVE-2018-20099)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.7 Release Notes linked from the References section.\");\n\n script_tag(name:\"affected\", value:\"'exiv2' package(s) on CentOS 7.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"CentOS7\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"exiv2\", rpm:\"exiv2~0.27.0~2.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"exiv2-devel\", rpm:\"exiv2-devel~0.27.0~2.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"exiv2-doc\", rpm:\"exiv2-doc~0.27.0~2.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"exiv2-libs\", rpm:\"exiv2-libs~0.27.0~2.el7_6\", rls:\"CentOS7\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2020-09-23T16:49:11", "description": "This update for exiv2 fixes the following issues :\n\nexiv2 was updated to latest 0.26 branch, fixing bugs and security\nissues :\n\n - CVE-2018-12264, CVE-2018-12265: Integer overflows in the\n LoaderExifJpeg class could lead to memory corruption\n (bsc#1097599)", "edition": 14, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-03-27T00:00:00", "title": "openSUSE Security Update : exiv2 (openSUSE-2019-816)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12264", "CVE-2018-12265"], "modified": "2019-03-27T00:00:00", "cpe": ["cpe:/o:novell:opensuse:15.0", "p-cpe:/a:novell:opensuse:exiv2-lang", "p-cpe:/a:novell:opensuse:exiv2-debuginfo", "p-cpe:/a:novell:opensuse:exiv2", "p-cpe:/a:novell:opensuse:exiv2-debugsource", "p-cpe:/a:novell:opensuse:libexiv2-devel", "p-cpe:/a:novell:opensuse:libexiv2-26-32bit", "p-cpe:/a:novell:opensuse:libexiv2-26-debuginfo", "p-cpe:/a:novell:opensuse:libexiv2-26", "p-cpe:/a:novell:opensuse:libexiv2-26-32bit-debuginfo"], "id": "OPENSUSE-2019-816.NASL", "href": "https://www.tenable.com/plugins/nessus/123344", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-816.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123344);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/22\");\n\n script_cve_id(\"CVE-2018-12264\", \"CVE-2018-12265\");\n\n script_name(english:\"openSUSE Security Update : exiv2 (openSUSE-2019-816)\");\n script_summary(english:\"Check for the openSUSE-2019-816 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for exiv2 fixes the following issues :\n\nexiv2 was updated to latest 0.26 branch, fixing bugs and security\nissues :\n\n - CVE-2018-12264, CVE-2018-12265: Integer overflows in the\n LoaderExifJpeg class could lead to memory corruption\n (bsc#1097599)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097599\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected exiv2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:exiv2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:exiv2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:exiv2-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-26-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-26-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-26-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"exiv2-0.26-lp150.5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"exiv2-debuginfo-0.26-lp150.5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"exiv2-debugsource-0.26-lp150.5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"exiv2-lang-0.26-lp150.5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libexiv2-26-0.26-lp150.5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libexiv2-26-debuginfo-0.26-lp150.5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libexiv2-devel-0.26-lp150.5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libexiv2-26-32bit-0.26-lp150.5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libexiv2-26-32bit-debuginfo-0.26-lp150.5.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"exiv2 / exiv2-debuginfo / exiv2-debugsource / exiv2-lang / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T08:54:01", "description": "According to the versions of the exiv2 package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - Exiv2 0.26 has an integer overflow in the\n LoaderExifJpeg class in preview.cpp, leading to an\n out-of-bounds read in Exiv2::MemIo::read in\n basicio.cpp.(CVE-2018-12265)\n\n - Exiv2 0.26 has integer overflows in\n LoaderTiff::getData() in preview.cpp, leading to an\n out-of-bounds read in Exiv2::ValueType::setDataArea in\n value.hpp.(CVE-2018-12264)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 15, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-09-27T00:00:00", "title": "EulerOS 2.0 SP3 : exiv2 (EulerOS-SA-2018-1287)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12264", "CVE-2018-12265"], "modified": "2018-09-27T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:exiv2-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1287.NASL", "href": "https://www.tenable.com/plugins/nessus/117731", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(117731);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-12264\",\n \"CVE-2018-12265\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : exiv2 (EulerOS-SA-2018-1287)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the exiv2 package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - Exiv2 0.26 has an integer overflow in the\n LoaderExifJpeg class in preview.cpp, leading to an\n out-of-bounds read in Exiv2::MemIo::read in\n basicio.cpp.(CVE-2018-12265)\n\n - Exiv2 0.26 has integer overflows in\n LoaderTiff::getData() in preview.cpp, leading to an\n out-of-bounds read in Exiv2::ValueType::setDataArea in\n value.hpp.(CVE-2018-12264)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1287\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?53cc505c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected exiv2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:exiv2-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"exiv2-libs-0.23-6.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"exiv2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T08:54:01", "description": "According to the versions of the exiv2 package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - Exiv2 0.26 has an integer overflow in the\n LoaderExifJpeg class in preview.cpp, leading to an\n out-of-bounds read in Exiv2::MemIo::read in\n basicio.cpp.(CVE-2018-12265)\n\n - Exiv2 0.26 has integer overflows in\n LoaderTiff::getData() in preview.cpp, leading to an\n out-of-bounds read in Exiv2::ValueType::setDataArea in\n value.hpp.(CVE-2018-12264)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 15, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-09-27T00:00:00", "title": "EulerOS 2.0 SP2 : exiv2 (EulerOS-SA-2018-1286)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12264", "CVE-2018-12265"], "modified": "2018-09-27T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:exiv2-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2018-1286.NASL", "href": "https://www.tenable.com/plugins/nessus/117730", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(117730);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-12264\",\n \"CVE-2018-12265\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : exiv2 (EulerOS-SA-2018-1286)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the exiv2 package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - Exiv2 0.26 has an integer overflow in the\n LoaderExifJpeg class in preview.cpp, leading to an\n out-of-bounds read in Exiv2::MemIo::read in\n basicio.cpp.(CVE-2018-12265)\n\n - Exiv2 0.26 has integer overflows in\n LoaderTiff::getData() in preview.cpp, leading to an\n out-of-bounds read in Exiv2::ValueType::setDataArea in\n value.hpp.(CVE-2018-12264)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1286\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d0521f13\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected exiv2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/09/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:exiv2-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"exiv2-libs-0.23-6.h2\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"exiv2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-05T11:16:28", "description": "This update for exiv2 fixes the following issues :\n\nexiv2 was updated to latest 0.26 branch, fixing bugs and security\nissues :\n\n - CVE-2018-12264, CVE-2018-12265: Integer overflows in the\n LoaderExifJpeg class could lead to memory corruption\n (bsc#1097599)", "edition": 13, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-10-24T00:00:00", "title": "openSUSE Security Update : exiv2 (openSUSE-2018-1224)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12264", "CVE-2018-12265"], "modified": "2018-10-24T00:00:00", "cpe": ["cpe:/o:novell:opensuse:15.0", "p-cpe:/a:novell:opensuse:exiv2-lang", "p-cpe:/a:novell:opensuse:exiv2-debuginfo", "p-cpe:/a:novell:opensuse:exiv2", "p-cpe:/a:novell:opensuse:exiv2-debugsource", "p-cpe:/a:novell:opensuse:libexiv2-devel", "p-cpe:/a:novell:opensuse:libexiv2-26-32bit", "p-cpe:/a:novell:opensuse:libexiv2-26-debuginfo", "p-cpe:/a:novell:opensuse:libexiv2-26", "p-cpe:/a:novell:opensuse:libexiv2-26-32bit-debuginfo"], "id": "OPENSUSE-2018-1224.NASL", "href": "https://www.tenable.com/plugins/nessus/118339", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2018-1224.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118339);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2018-12264\", \"CVE-2018-12265\");\n\n script_name(english:\"openSUSE Security Update : exiv2 (openSUSE-2018-1224)\");\n script_summary(english:\"Check for the openSUSE-2018-1224 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for exiv2 fixes the following issues :\n\nexiv2 was updated to latest 0.26 branch, fixing bugs and security\nissues :\n\n - CVE-2018-12264, CVE-2018-12265: Integer overflows in the\n LoaderExifJpeg class could lead to memory corruption\n (bsc#1097599)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097599\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected exiv2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:exiv2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:exiv2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:exiv2-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-26-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-26-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-26-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"exiv2-0.26-lp150.5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"exiv2-debuginfo-0.26-lp150.5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"exiv2-debugsource-0.26-lp150.5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"exiv2-lang-0.26-lp150.5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libexiv2-26-0.26-lp150.5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libexiv2-26-debuginfo-0.26-lp150.5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libexiv2-devel-0.26-lp150.5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libexiv2-26-32bit-0.26-lp150.5.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libexiv2-26-32bit-debuginfo-0.26-lp150.5.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"exiv2 / exiv2-debuginfo / exiv2-debugsource / exiv2-lang / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T06:48:41", "description": "It was discovered that Exiv2 incorrectly handled certain files. An\nattacker could possibly use this to cause a denial of service.\n(CVE-2018-10958, CVE-2018-10998)\n\nIt was discovered that Exiv2 incorrectly handled certain PNG files. An\nattacker could possibly use this to access sensitive information.\n(CVE-2018-10999)\n\nIt was discovered that Exiv2 incorrectly handled certain files. An\nattacker could possibly use this to execute arbitrary code.\n(CVE-2018-11531)\n\nIt was discovered that Exiv2 incorrectly handled certain files. An\nattacker could possibly use this to access sensitive information.\n(CVE-2018-12264, CVE-2018-12265).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 22, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-07-05T00:00:00", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : exiv2 vulnerabilities (USN-3700-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11531", "CVE-2018-12264", "CVE-2018-10958", "CVE-2018-10998", "CVE-2018-10999", "CVE-2018-12265"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:17.10", "cpe:/o:canonical:ubuntu_linux:16.04", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-12", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:exiv2", "p-cpe:/a:canonical:ubuntu_linux:libexiv2-14", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-3700-1.NASL", "href": "https://www.tenable.com/plugins/nessus/110922", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3700-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110922);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/09/18 12:31:48\");\n\n script_cve_id(\"CVE-2018-10958\", \"CVE-2018-10998\", \"CVE-2018-10999\", \"CVE-2018-11531\", \"CVE-2018-12264\", \"CVE-2018-12265\");\n script_xref(name:\"USN\", value:\"3700-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 17.10 / 18.04 LTS : exiv2 vulnerabilities (USN-3700-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Exiv2 incorrectly handled certain files. An\nattacker could possibly use this to cause a denial of service.\n(CVE-2018-10958, CVE-2018-10998)\n\nIt was discovered that Exiv2 incorrectly handled certain PNG files. An\nattacker could possibly use this to access sensitive information.\n(CVE-2018-10999)\n\nIt was discovered that Exiv2 incorrectly handled certain files. An\nattacker could possibly use this to execute arbitrary code.\n(CVE-2018-11531)\n\nIt was discovered that Exiv2 incorrectly handled certain files. An\nattacker could possibly use this to access sensitive information.\n(CVE-2018-12264, CVE-2018-12265).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3700-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected exiv2, libexiv2-12 and / or libexiv2-14 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-12\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libexiv2-14\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:17.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2018-2019 Canonical, Inc. / NASL script (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04|16\\.04|17\\.10|18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04 / 16.04 / 17.10 / 18.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"exiv2\", pkgver:\"0.23-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libexiv2-12\", pkgver:\"0.23-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"exiv2\", pkgver:\"0.25-2.1ubuntu16.04.2\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libexiv2-14\", pkgver:\"0.25-2.1ubuntu16.04.2\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"exiv2\", pkgver:\"0.25-3.1ubuntu0.17.10.1\")) flag++;\nif (ubuntu_check(osver:\"17.10\", pkgname:\"libexiv2-14\", pkgver:\"0.25-3.1ubuntu0.17.10.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"exiv2\", pkgver:\"0.25-3.1ubuntu0.18.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libexiv2-14\", pkgver:\"0.25-3.1ubuntu0.18.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"exiv2 / libexiv2-12 / libexiv2-14\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T09:39:22", "description": "Several vulnerabilities have been discovered in exiv2, a C++ library\nand a command line utility to manage image metadata, resulting in\ndenial of service, heap-based buffer over-read/overflow, memory\nexhaustion, and application crash.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n0.24-4.1+deb8u1.\n\nWe recommend that you upgrade your exiv2 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 20, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-06-28T00:00:00", "title": "Debian DLA-1402-1 : exiv2 security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11531", "CVE-2018-12264", "CVE-2018-10958", "CVE-2018-10998", "CVE-2018-10999", "CVE-2018-12265"], "modified": "2018-06-28T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libexiv2-13", "p-cpe:/a:debian:debian_linux:exiv2", "cpe:/o:debian:debian_linux:8.0", "p-cpe:/a:debian:debian_linux:libexiv2-dev", "p-cpe:/a:debian:debian_linux:libexiv2-doc", "p-cpe:/a:debian:debian_linux:libexiv2-dbg"], "id": "DEBIAN_DLA-1402.NASL", "href": "https://www.tenable.com/plugins/nessus/110728", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1402-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(110728);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-10958\", \"CVE-2018-10998\", \"CVE-2018-10999\", \"CVE-2018-11531\", \"CVE-2018-12264\", \"CVE-2018-12265\");\n\n script_name(english:\"Debian DLA-1402-1 : exiv2 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in exiv2, a C++ library\nand a command line utility to manage image metadata, resulting in\ndenial of service, heap-based buffer over-read/overflow, memory\nexhaustion, and application crash.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n0.24-4.1+deb8u1.\n\nWe recommend that you upgrade your exiv2 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2018/06/msg00010.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/exiv2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libexiv2-13\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libexiv2-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libexiv2-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libexiv2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/06/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"exiv2\", reference:\"0.24-4.1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libexiv2-13\", reference:\"0.24-4.1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libexiv2-dbg\", reference:\"0.24-4.1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libexiv2-dev\", reference:\"0.24-4.1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libexiv2-doc\", reference:\"0.24-4.1+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-01T01:47:32", "description": "Several vulnerabilities have been discovered in Exiv2, a C++ library\nand a command line utility to manage image metadata which could result\nin denial of service or the execution of arbitrary code if a malformed\nfile is parsed.", "edition": 23, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2018-07-05T00:00:00", "title": "Debian DSA-4238-1 : exiv2 - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-11531", "CVE-2018-12264", "CVE-2018-10958", "CVE-2018-10998", "CVE-2018-10999", "CVE-2018-12265"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:exiv2", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4238.NASL", "href": "https://www.tenable.com/plugins/nessus/110910", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4238. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(110910);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/13 12:30:47\");\n\n script_cve_id(\"CVE-2018-10958\", \"CVE-2018-10998\", \"CVE-2018-10999\", \"CVE-2018-11531\", \"CVE-2018-12264\", \"CVE-2018-12265\");\n script_xref(name:\"DSA\", value:\"4238\");\n\n script_name(english:\"Debian DSA-4238-1 : exiv2 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in Exiv2, a C++ library\nand a command line utility to manage image metadata which could result\nin denial of service or the execution of arbitrary code if a malformed\nfile is parsed.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/exiv2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/exiv2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4238\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the exiv2 packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 0.25-3.1+deb9u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"exiv2\", reference:\"0.25-3.1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libexiv2-14\", reference:\"0.25-3.1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libexiv2-dbg\", reference:\"0.25-3.1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libexiv2-dev\", reference:\"0.25-3.1+deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libexiv2-doc\", reference:\"0.25-3.1+deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:19:11", "description": "Exiv2 update with security fixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 17, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2018-08-10T00:00:00", "title": "Fedora 27 : exiv2 (2018-871fa4d189)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12264", "CVE-2018-10958", "CVE-2018-10998", "CVE-2018-14046", "CVE-2018-12265", "CVE-2018-9144", "CVE-2017-17669"], "modified": "2018-08-10T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:27", "p-cpe:/a:fedoraproject:fedora:exiv2"], "id": "FEDORA_2018-871FA4D189.NASL", "href": "https://www.tenable.com/plugins/nessus/111620", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-871fa4d189.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(111620);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-17669\", \"CVE-2018-10958\", \"CVE-2018-10998\", \"CVE-2018-12264\", \"CVE-2018-12265\", \"CVE-2018-14046\", \"CVE-2018-9144\");\n script_xref(name:\"FEDORA\", value:\"2018-871fa4d189\");\n\n script_name(english:\"Fedora 27 : exiv2 (2018-871fa4d189)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Exiv2 update with security fixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-871fa4d189\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected exiv2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:27\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/12/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/08/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^27([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 27\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC27\", reference:\"exiv2-0.26-12.fc27\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"exiv2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:19:17", "description": "Exiv2 update with security fixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 11, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-01-03T00:00:00", "title": "Fedora 28 : exiv2 (2018-8b67a5c7e2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-12264", "CVE-2018-10958", "CVE-2018-10998", "CVE-2018-9305", "CVE-2018-14046", "CVE-2018-12265", "CVE-2017-9953", "CVE-2018-9144", "CVE-2017-17724", "CVE-2017-17669"], "modified": "2019-01-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:exiv2", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2018-8B67A5C7E2.NASL", "href": "https://www.tenable.com/plugins/nessus/120594", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2018-8b67a5c7e2.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(120594);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-17669\", \"CVE-2017-17724\", \"CVE-2017-9953\", \"CVE-2018-10958\", \"CVE-2018-10998\", \"CVE-2018-12264\", \"CVE-2018-12265\", \"CVE-2018-14046\", \"CVE-2018-9144\", \"CVE-2018-9305\");\n script_xref(name:\"FEDORA\", value:\"2018-8b67a5c7e2\");\n\n script_name(english:\"Fedora 28 : exiv2 (2018-8b67a5c7e2)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Exiv2 update with security fixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2018-8b67a5c7e2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected exiv2 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"exiv2-0.26-12.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"exiv2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-16T17:23:04", "description": "This update for exiv2 fixes the following issues :\n\nexiv2 was updated to latest 0.26 branch, fixing bugs and security\nissues :\n\n - CVE-2017-1000126: Fixed an out of bounds read in webp\n parser (bsc#1068873).\n\n - CVE-2017-9239: Fixed a segmentation fault in\n TiffImageEntry::doWriteImage function (bsc#1040973).\n\n - CVE-2018-12264: Fixed an integer overflow in\n LoaderTiff::getData() which might have led to an\n out-of-bounds read (bsc#1097600).\n\n - CVE-2018-12265: Fixed integer overflows in\n LoaderExifJpeg which could have led to memory corruption\n (bsc#1097599).\n\n - CVE-2018-17229: Fixed a heap based buffer overflow in\n Exiv2::d2Data via a crafted image (bsc#1109175).\n\n - CVE-2018-17230: Fixed a heap based buffer overflow in\n Exiv2::d2Data via a crafted image (bsc#1109176).\n\n - CVE-2018-17282: Fixed a NULL pointer dereference in\n Exiv2::DataValue::copy (bsc#1109299).\n\n - CVE-2018-19108: Fixed an integer overflow in\n Exiv2::PsdImage::readMetadata which could have led to\n infinite loop (bsc#1115364).\n\n - CVE-2018-19607: Fixed a NULL pointer dereference in\n Exiv2::isoSpeed which might have led to denial of\n service (bsc#1117513).\n\n - CVE-2018-9305: Fixed an out of bounds read in\n IptcData::printStructure which might have led to to\n information leak or denial of service (bsc#1088424).\n\n - CVE-2019-13114: Fixed a NULL pointer dereference which\n might have led to denial of service via a crafted\n response of an malicious http server (bsc#1142684).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "edition": 2, "cvss3": {"score": 8.8, "vector": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-04-10T00:00:00", "title": "openSUSE Security Update : exiv2 (openSUSE-2020-482)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2018-19108", "CVE-2018-12264", "CVE-2018-19607", "CVE-2018-17229", "CVE-2017-9239", "CVE-2018-9305", "CVE-2017-1000126", "CVE-2018-12265", "CVE-2018-17230", "CVE-2018-17282", "CVE-2019-13114"], "modified": "2020-04-10T00:00:00", "cpe": ["cpe:/o:novell:opensuse:15.1", "p-cpe:/a:novell:opensuse:exiv2-lang", "p-cpe:/a:novell:opensuse:exiv2-debuginfo", "p-cpe:/a:novell:opensuse:exiv2", "p-cpe:/a:novell:opensuse:exiv2-debugsource", "p-cpe:/a:novell:opensuse:libexiv2-devel", "p-cpe:/a:novell:opensuse:libexiv2-26-32bit", "p-cpe:/a:novell:opensuse:libexiv2-26-debuginfo", "p-cpe:/a:novell:opensuse:libexiv2-26", "p-cpe:/a:novell:opensuse:libexiv2-26-32bit-debuginfo"], "id": "OPENSUSE-2020-482.NASL", "href": "https://www.tenable.com/plugins/nessus/135384", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-482.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135384);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/14\");\n\n script_cve_id(\"CVE-2017-1000126\", \"CVE-2017-9239\", \"CVE-2018-12264\", \"CVE-2018-12265\", \"CVE-2018-17229\", \"CVE-2018-17230\", \"CVE-2018-17282\", \"CVE-2018-19108\", \"CVE-2018-19607\", \"CVE-2018-9305\", \"CVE-2019-13114\");\n\n script_name(english:\"openSUSE Security Update : exiv2 (openSUSE-2020-482)\");\n script_summary(english:\"Check for the openSUSE-2020-482 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for exiv2 fixes the following issues :\n\nexiv2 was updated to latest 0.26 branch, fixing bugs and security\nissues :\n\n - CVE-2017-1000126: Fixed an out of bounds read in webp\n parser (bsc#1068873).\n\n - CVE-2017-9239: Fixed a segmentation fault in\n TiffImageEntry::doWriteImage function (bsc#1040973).\n\n - CVE-2018-12264: Fixed an integer overflow in\n LoaderTiff::getData() which might have led to an\n out-of-bounds read (bsc#1097600).\n\n - CVE-2018-12265: Fixed integer overflows in\n LoaderExifJpeg which could have led to memory corruption\n (bsc#1097599).\n\n - CVE-2018-17229: Fixed a heap based buffer overflow in\n Exiv2::d2Data via a crafted image (bsc#1109175).\n\n - CVE-2018-17230: Fixed a heap based buffer overflow in\n Exiv2::d2Data via a crafted image (bsc#1109176).\n\n - CVE-2018-17282: Fixed a NULL pointer dereference in\n Exiv2::DataValue::copy (bsc#1109299).\n\n - CVE-2018-19108: Fixed an integer overflow in\n Exiv2::PsdImage::readMetadata which could have led to\n infinite loop (bsc#1115364).\n\n - CVE-2018-19607: Fixed a NULL pointer dereference in\n Exiv2::isoSpeed which might have led to denial of\n service (bsc#1117513).\n\n - CVE-2018-9305: Fixed an out of bounds read in\n IptcData::printStructure which might have led to to\n information leak or denial of service (bsc#1088424).\n\n - CVE-2019-13114: Fixed a NULL pointer dereference which\n might have led to denial of service via a crafted\n response of an malicious http server (bsc#1142684).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1040973\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1068873\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1088424\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097599\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1097600\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109175\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109176\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1109299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1115364\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1117513\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1142684\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected exiv2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:exiv2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:exiv2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:exiv2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:exiv2-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-26\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-26-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-26-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-26-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libexiv2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/05/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"exiv2-0.26-lp151.7.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"exiv2-debuginfo-0.26-lp151.7.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"exiv2-debugsource-0.26-lp151.7.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"exiv2-lang-0.26-lp151.7.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libexiv2-26-0.26-lp151.7.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libexiv2-26-debuginfo-0.26-lp151.7.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libexiv2-devel-0.26-lp151.7.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libexiv2-26-32bit-0.26-lp151.7.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libexiv2-26-32bit-debuginfo-0.26-lp151.7.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"exiv2 / exiv2-debuginfo / exiv2-debugsource / exiv2-lang / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-08-12T00:51:30", "bulletinFamily": "unix", "cvelist": ["CVE-2018-11531", "CVE-2018-12264", "CVE-2018-10958", "CVE-2018-10998", "CVE-2018-10999", "CVE-2018-12265"], "description": "Package : exiv2\nVersion : 0.24-4.1+deb8u1\nCVE ID : CVE-2018-10958 CVE-2018-10998 CVE-2018-10999 CVE-2018-11531 \n CVE-2018-12264 CVE-2018-12265\nDebian Bug : 901706 901707\n\n\nSeveral vulnerabilities have been discovered in exiv2, a C++ library and\na command line utility to manage image metadata, resulting in denial of\nservice, heap-based buffer over-read/overflow, memory exhaustion, and\napplication crash.\n\nFor Debian 8 "Jessie", these problems have been fixed in version\n0.24-4.1+deb8u1.\n\nWe recommend that you upgrade your exiv2 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 8, "modified": "2018-06-28T05:17:18", "published": "2018-06-28T05:17:18", "id": "DEBIAN:DLA-1402-1:8B5D3", "href": "https://lists.debian.org/debian-lts-announce/2018/debian-lts-announce-201806/msg00010.html", "title": "[SECURITY] [DLA 1402-1] exiv2 security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-08-12T00:47:14", "bulletinFamily": "unix", "cvelist": ["CVE-2018-11531", "CVE-2018-12264", "CVE-2018-10958", "CVE-2018-10998", "CVE-2018-10999", "CVE-2018-12265"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4238-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJuly 03, 2018 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : exiv2\nCVE ID : CVE-2018-10958 CVE-2018-10998 CVE-2018-10999 CVE-2018-11531 \n CVE-2018-12264 CVE-2018-12265\n\nSeveral vulnerabilites have been discovered in Exiv2, a C++ library and\na command line utility to manage image metadata which could result in\ndenial of service or the execution of arbitrary code if a malformed file\nis parsed.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 0.25-3.1+deb9u1.\n\nWe recommend that you upgrade your exiv2 packages.\n\nFor the detailed security status of exiv2 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/exiv2\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 10, "modified": "2018-07-03T21:03:13", "published": "2018-07-03T21:03:13", "id": "DEBIAN:DSA-4238-1:01C30", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2018/msg00167.html", "title": "[SECURITY] [DSA 4238-1] exiv2 security update", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2020-07-02T11:38:40", "bulletinFamily": "unix", "cvelist": ["CVE-2018-11531", "CVE-2018-12264", "CVE-2018-10958", "CVE-2018-10998", "CVE-2018-10999", "CVE-2018-12265"], "description": "It was discovered that Exiv2 incorrectly handled certain files. \nAn attacker could possibly use this to cause a denial of service. \n(CVE-2018-10958, CVE-2018-10998)\n\nIt was discovered that Exiv2 incorrectly handled certain PNG files. \nAn attacker could possibly use this to access sensitive information. \n(CVE-2018-10999)\n\nIt was discovered that Exiv2 incorrectly handled certain files. \nAn attacker could possibly use this to execute arbitrary code. \n(CVE-2018-11531)\n\nIt was discovered that Exiv2 incorrectly handled certain files. \nAn attacker could possibly use this to access sensitive information. \n(CVE-2018-12264, CVE-2018-12265)", "edition": 5, "modified": "2018-07-03T00:00:00", "published": "2018-07-03T00:00:00", "id": "USN-3700-1", "href": "https://ubuntu.com/security/notices/USN-3700-1", "title": "Exiv2 vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-17723", "CVE-2017-17725", "CVE-2017-5772", "CVE-2018-10958", "CVE-2018-11531", "CVE-2018-12264", "CVE-2018-12265", "CVE-2018-14046", "CVE-2018-8976", "CVE-2018-8977", "CVE-2018-9144", "CVE-2018-9305"], "description": "A command line utility to access image metadata, allowing one to: * print the Exif metadata of Jpeg images as summary info, interpreted value s, or the plain data for each tag * print the Iptc metadata of Jpeg images * print the Jpeg comment of Jpeg images * set, add and delete Exif and Iptc metadata of Jpeg images * adjust the Exif timestamp (that's how it all started...) * rename Exif image files according to the Exif timestamp * extract, insert and delete Exif metadata (including thumbnails), Iptc metadata and Jpeg comments ", "modified": "2018-08-07T01:20:04", "published": "2018-08-07T01:20:04", "id": "FEDORA:A6FF1616A923", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: exiv2-0.26-12.fc28", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:54", "bulletinFamily": "unix", "cvelist": ["CVE-2017-17669", "CVE-2017-17723", "CVE-2017-17725", "CVE-2017-5772", "CVE-2018-10958", "CVE-2018-10998", "CVE-2018-10999", "CVE-2018-11037", "CVE-2018-11531", "CVE-2018-12264", "CVE-2018-12265", "CVE-2018-14046", "CVE-2018-8976", "CVE-2018-8977", "CVE-2018-9144", "CVE-2018-9145", "CVE-2018-9146"], "description": "A command line utility to access image metadata, allowing one to: * print the Exif metadata of Jpeg images as summary info, interpreted value s, or the plain data for each tag * print the Iptc metadata of Jpeg images * print the Jpeg comment of Jpeg images * set, add and delete Exif and Iptc metadata of Jpeg images * adjust the Exif timestamp (that's how it all started...) * rename Exif image files according to the Exif timestamp * extract, insert and delete Exif metadata (including thumbnails), Iptc metadata and Jpeg comments ", "modified": "2018-08-09T16:53:01", "published": "2018-08-09T16:53:01", "id": "FEDORA:E607363306B2", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 27 Update: exiv2-0.26-12.fc27", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2018-11-25T05:02:58", "bulletinFamily": "unix", "cvelist": ["CVE-2018-11531", "CVE-2017-17723", "CVE-2018-8977", "CVE-2018-12264", "CVE-2018-10958", "CVE-2018-9304", "CVE-2018-10998", "CVE-2018-5772", "CVE-2018-8976", "CVE-2018-9303", "CVE-2018-11037", "CVE-2018-9305", "CVE-2018-10999", "CVE-2018-12265", "CVE-2018-9306", "CVE-2018-10780", "CVE-2018-9146", "CVE-2018-9144", "CVE-2017-17724", "CVE-2018-9145"], "description": "### Background\n\nExiv2 is a C++ library and a command line utility to manage image metadata. \n\n### Description\n\nMultiple vulnerabilities have been discovered in Exiv2. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could cause a Denial of Service condition or obtain sensitive information via a specially crafted file. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Exiv2 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=media-gfx/exiv2-0.26_p20180811-r3\"", "edition": 1, "modified": "2018-11-24T00:00:00", "published": "2018-11-24T00:00:00", "id": "GLSA-201811-14", "href": "https://security.gentoo.org/glsa/201811-14", "title": "Exiv2: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "amazon": [{"lastseen": "2020-11-10T12:36:18", "bulletinFamily": "unix", "cvelist": ["CVE-2018-19108", "CVE-2018-8977", "CVE-2018-18915", "CVE-2018-12264", "CVE-2018-10958", "CVE-2018-20096", "CVE-2018-10998", "CVE-2018-8976", "CVE-2018-19607", "CVE-2018-11037", "CVE-2018-9305", "CVE-2018-20099", "CVE-2018-19107", "CVE-2018-14046", "CVE-2018-12265", "CVE-2018-20098", "CVE-2018-17581", "CVE-2018-19535", "CVE-2018-17282", "CVE-2017-17724", "CVE-2018-20097", "CVE-2018-10772"], "description": "**Issue Overview:**\n\nAn integer underflow, leading to heap-based out-of-bound read, was found in the way Exiv2 library prints IPTC Photo Metadata embedded in an image. By persuading a victim to open a crafted image, a remote attacker could crash the application or possibly retrieve a portion of memory.([CVE-2017-17724 __](<https://access.redhat.com/security/cve/CVE-2017-17724>))\n\nThe tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.([CVE-2018-10772 __](<https://access.redhat.com/security/cve/CVE-2018-10772>))\n\nIn types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call.([CVE-2018-10958 __](<https://access.redhat.com/security/cve/CVE-2018-10958>))\n\nAn issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp allows remote attackers to cause a denial of service (SIGABRT) by triggering an incorrect Safe::add call.([CVE-2018-10998 __](<https://access.redhat.com/security/cve/CVE-2018-10998>))\n\nIn Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file.([CVE-2018-11037 __](<https://access.redhat.com/security/cve/CVE-2018-11037>))\n\nExiv2 0.26 has integer overflows in LoaderTiff::getData() in preview.cpp, leading to an out-of-bounds read in Exiv2::ValueType::setDataArea in value.hpp.([CVE-2018-12264 __](<https://access.redhat.com/security/cve/CVE-2018-12264>))\n\nExiv2 0.26 has an integer overflow in the LoaderExifJpeg class in preview.cpp, leading to an out-of-bounds read in Exiv2::MemIo::read in basicio.cpp.([CVE-2018-12265 __](<https://access.redhat.com/security/cve/CVE-2018-12265>))\n\nExiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp.([CVE-2018-14046 __](<https://access.redhat.com/security/cve/CVE-2018-14046>))\n\nAn issue was discovered in Exiv2 v0.26. The function Exiv2::DataValue::copy in value.cpp has a NULL pointer dereference.([CVE-2018-17282 __](<https://access.redhat.com/security/cve/CVE-2018-17282>))\n\nCiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service.([CVE-2018-17581 __](<https://access.redhat.com/security/cve/CVE-2018-17581>))\n\nThere is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.27-RC1. A crafted input will lead to a remote denial of service attack.([CVE-2018-18915 __](<https://access.redhat.com/security/cve/CVE-2018-18915>))\n\nIn Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.([CVE-2018-19107 __](<https://access.redhat.com/security/cve/CVE-2018-19107>))\n\nIn Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.([CVE-2018-19108 __](<https://access.redhat.com/security/cve/CVE-2018-19108>))\n\nIn Exiv2 0.26 and previous versions, PngChunk::readRawProfile in pngchunk_int.cpp may cause a denial of service (application crash due to a heap-based buffer over-read) via a crafted PNG file.([CVE-2018-19535 __](<https://access.redhat.com/security/cve/CVE-2018-19535>))\n\nExiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.([CVE-2018-19607 __](<https://access.redhat.com/security/cve/CVE-2018-19607>))\n\nThere is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.([CVE-2018-20096 __](<https://access.redhat.com/security/cve/CVE-2018-20096>))\n\nThere is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.([CVE-2018-20097 __](<https://access.redhat.com/security/cve/CVE-2018-20097>))\n\nThere is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.([CVE-2018-20098 __](<https://access.redhat.com/security/cve/CVE-2018-20098>))\n\nThere is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack.([CVE-2018-20099 __](<https://access.redhat.com/security/cve/CVE-2018-20099>))\n\nIn Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file.([CVE-2018-8976 __](<https://access.redhat.com/security/cve/CVE-2018-8976>))\n\nIn Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp allows remote attackers to cause a denial of service (invalid memory access) via a crafted file.([CVE-2018-8977 __](<https://access.redhat.com/security/cve/CVE-2018-8977>))\n\nAn out-of-bounds read vulnerability has been discovered in IptcData::printStructure in iptc.cpp file of Exiv2 0.26. An attacker could cause a crash or an information leak by providing a crafted image.([CVE-2018-9305 __](<https://access.redhat.com/security/cve/CVE-2018-9305>))\n\n \n**Affected Packages:** \n\n\nexiv2\n\n \n**Issue Correction:** \nRun _yum update exiv2_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n exiv2-0.27.0-3.amzn2.0.1.aarch64 \n exiv2-devel-0.27.0-3.amzn2.0.1.aarch64 \n exiv2-libs-0.27.0-3.amzn2.0.1.aarch64 \n exiv2-debuginfo-0.27.0-3.amzn2.0.1.aarch64 \n \n i686: \n exiv2-0.27.0-3.amzn2.0.1.i686 \n exiv2-devel-0.27.0-3.amzn2.0.1.i686 \n exiv2-libs-0.27.0-3.amzn2.0.1.i686 \n exiv2-debuginfo-0.27.0-3.amzn2.0.1.i686 \n \n noarch: \n exiv2-doc-0.27.0-3.amzn2.0.1.noarch \n \n src: \n exiv2-0.27.0-3.amzn2.0.1.src \n \n x86_64: \n exiv2-0.27.0-3.amzn2.0.1.x86_64 \n exiv2-devel-0.27.0-3.amzn2.0.1.x86_64 \n exiv2-libs-0.27.0-3.amzn2.0.1.x86_64 \n exiv2-debuginfo-0.27.0-3.amzn2.0.1.x86_64 \n \n \n", "edition": 1, "modified": "2019-10-21T18:01:00", "published": "2019-10-21T18:01:00", "id": "ALAS2-2019-1339", "href": "https://alas.aws.amazon.com/AL2/ALAS-2019-1339.html", "title": "Low: exiv2", "type": "amazon", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-08-14T08:37:47", "bulletinFamily": "unix", "cvelist": ["CVE-2018-19108", "CVE-2018-8977", "CVE-2018-18915", "CVE-2018-12264", "CVE-2018-10958", "CVE-2018-20096", "CVE-2018-10998", "CVE-2018-8976", "CVE-2018-19607", "CVE-2018-11037", "CVE-2018-9305", "CVE-2018-20099", "CVE-2018-19107", "CVE-2018-14046", "CVE-2018-12265", "CVE-2018-20098", "CVE-2018-17581", "CVE-2018-19535", "CVE-2018-17282", "CVE-2017-17724", "CVE-2018-20097", "CVE-2018-10772"], "description": "[0.27.0-2]\n- Minor improvements\n Resolves: bz#1652637\n[0.27.0-1]\n- Exiv2 0.27.0\n Resolves: bz#1652637", "edition": 1, "modified": "2019-08-13T00:00:00", "published": "2019-08-13T00:00:00", "id": "ELSA-2019-2101", "href": "http://linux.oracle.com/errata/ELSA-2019-2101.html", "title": "exiv2 security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "centos": [{"lastseen": "2020-12-08T03:39:06", "bulletinFamily": "unix", "cvelist": ["CVE-2018-19108", "CVE-2018-8977", "CVE-2018-18915", "CVE-2018-12264", "CVE-2018-10958", "CVE-2018-20096", "CVE-2018-10998", "CVE-2018-8976", "CVE-2018-19607", "CVE-2018-11037", "CVE-2018-9305", "CVE-2018-10999", "CVE-2018-20099", "CVE-2018-19107", "CVE-2018-14046", "CVE-2018-12265", "CVE-2018-20098", "CVE-2018-17581", "CVE-2018-19535", "CVE-2018-17282", "CVE-2017-17724", "CVE-2018-20097", "CVE-2018-10772"], "description": "**CentOS Errata and Security Advisory** CESA-2019:2101\n\n\nThe exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments.\n\nThe following packages have been upgraded to a later upstream version: exiv2 (0.27.0). (BZ#1652637)\n\nSecurity Fix(es):\n\n* exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in src/iptc.cpp (CVE-2017-17724)\n\n* exiv2: out-of-bounds read in Exiv2::Internal::stringFormat image.cpp (CVE-2018-8976)\n\n* exiv2: invalid memory access in Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp (CVE-2018-8977)\n\n* exiv2: out of bounds read in IptcData::printStructure in iptc.c (CVE-2018-9305)\n\n* exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via crafted file (CVE-2018-10772)\n\n* exiv2: SIGABRT caused by memory allocation in types.cpp:Exiv2::Internal::PngChunk::zlibUncompress() (CVE-2018-10958)\n\n* exiv2: SIGABRT by triggering an incorrect Safe::add call (CVE-2018-10998)\n\n* exiv2: information leak via a crafted file (CVE-2018-11037)\n\n* exiv2: integer overflow in getData function in preview.cpp (CVE-2018-12264)\n\n* exiv2: integer overflow in the LoaderExifJpeg class in preview.cpp (CVE-2018-12265)\n\n* exiv2: heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp (CVE-2018-14046)\n\n* exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp leading to application crash (CVE-2018-17282)\n\n* exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service (CVE-2018-17581)\n\n* exiv2: infinite loop in Exiv2::Image::printIFDStructure function in image.cpp (CVE-2018-18915)\n\n* exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp (CVE-2018-19107)\n\n* exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp (CVE-2018-19108)\n\n* exiv2: heap-based buffer over-read in PngChunk::readRawProfile in pngchunk_int.cpp (CVE-2018-19535)\n\n* exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp (CVE-2018-19607)\n\n* exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function resulting in a denial of service (CVE-2018-20096)\n\n* exiv2: Segmentation fault in Exiv2::Internal::TiffParserWorker::findPrimaryGroups function (CVE-2018-20097)\n\n* exiv2: Heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20098)\n\n* exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20099)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2019-September/035484.html\n\n**Affected packages:**\nexiv2\nexiv2-devel\nexiv2-doc\nexiv2-libs\n\n**Upstream details at:**\n", "edition": 4, "modified": "2019-09-18T20:54:21", "published": "2019-09-18T20:54:21", "id": "CESA-2019:2101", "href": "http://lists.centos.org/pipermail/centos-announce/2019-September/035484.html", "title": "exiv2 security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-12-11T13:31:02", "bulletinFamily": "unix", "cvelist": ["CVE-2017-17724", "CVE-2018-10772", "CVE-2018-10958", "CVE-2018-10998", "CVE-2018-10999", "CVE-2018-11037", "CVE-2018-12264", "CVE-2018-12265", "CVE-2018-14046", "CVE-2018-17282", "CVE-2018-17581", "CVE-2018-18915", "CVE-2018-19107", "CVE-2018-19108", "CVE-2018-19535", "CVE-2018-19607", "CVE-2018-20096", "CVE-2018-20097", "CVE-2018-20098", "CVE-2018-20099", "CVE-2018-8976", "CVE-2018-8977", "CVE-2018-9305"], "description": "The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments.\n\nThe following packages have been upgraded to a later upstream version: exiv2 (0.27.0). (BZ#1652637)\n\nSecurity Fix(es):\n\n* exiv2: heap-buffer-overflow in Exiv2::IptcData::printStructure in src/iptc.cpp (CVE-2017-17724)\n\n* exiv2: out-of-bounds read in Exiv2::Internal::stringFormat image.cpp (CVE-2018-8976)\n\n* exiv2: invalid memory access in Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp (CVE-2018-8977)\n\n* exiv2: out of bounds read in IptcData::printStructure in iptc.c (CVE-2018-9305)\n\n* exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via crafted file (CVE-2018-10772)\n\n* exiv2: SIGABRT caused by memory allocation in types.cpp:Exiv2::Internal::PngChunk::zlibUncompress() (CVE-2018-10958)\n\n* exiv2: SIGABRT by triggering an incorrect Safe::add call (CVE-2018-10998)\n\n* exiv2: information leak via a crafted file (CVE-2018-11037)\n\n* exiv2: integer overflow in getData function in preview.cpp (CVE-2018-12264)\n\n* exiv2: integer overflow in the LoaderExifJpeg class in preview.cpp (CVE-2018-12265)\n\n* exiv2: heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp (CVE-2018-14046)\n\n* exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp leading to application crash (CVE-2018-17282)\n\n* exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service (CVE-2018-17581)\n\n* exiv2: infinite loop in Exiv2::Image::printIFDStructure function in image.cpp (CVE-2018-18915)\n\n* exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp (CVE-2018-19107)\n\n* exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp (CVE-2018-19108)\n\n* exiv2: heap-based buffer over-read in PngChunk::readRawProfile in pngchunk_int.cpp (CVE-2018-19535)\n\n* exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp (CVE-2018-19607)\n\n* exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function resulting in a denial of service (CVE-2018-20096)\n\n* exiv2: Segmentation fault in Exiv2::Internal::TiffParserWorker::findPrimaryGroups function (CVE-2018-20097)\n\n* exiv2: Heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20098)\n\n* exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service (CVE-2018-20099)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.7 Release Notes linked from the References section.", "modified": "2019-12-02T08:07:36", "published": "2019-08-06T12:00:57", "id": "RHSA-2019:2101", "href": "https://access.redhat.com/errata/RHSA-2019:2101", "type": "redhat", "title": "(RHSA-2019:2101) Low: exiv2 security, bug fix, and enhancement update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}]}
